LANL Safeguards and Security Assurance Program. Revision 6

DOE Office of Scientific and Technical Information (OSTI.GOV)

NONE

1995-04-03

The Safeguards and Security (S and S) Assurance Program provides a continuous quality improvement approach to ensure effective, compliant S and S program implementation throughout the Los Alamos National Laboratory. Any issues identified through the various internal and external assessments are documented, tracked and closed using the Safeguards and Security Issue Management Program. The Laboratory utilizes an integrated S and S systems approach to protect US Department of Energy (DOE) interests from theft or diversion of special nuclear material (SNM), sabotage, espionage, loss or theft of classified/controlled matter or government property, and other hostile acts that may cause unacceptable impactsmore » on national security, health and safety of employees and the public, and the environment. This document explains the basis, scope, and conduct of the S and S process to include: self-assessments, issue management, risk assessment, and root cause analysis. It also provides a discussion of S and S topical areas, roles and responsibilities, process flow charts, minimum requirements, methodology, terms, and forms.« less

Underground Test Area Quality Assurance Project Plan Nevada National Security Site, Nevada, Revision 0

DOE Office of Scientific and Technical Information (OSTI.GOV)

Irene Farnham

This Quality Assurance Project Plan (QAPP) provides the overall quality assurance (QA) program requirements and general quality practices to be applied to the U.S. Department of Energy (DOE), National Nuclear Security Administration Nevada Site Office (NNSA/NSO) Underground Test Area (UGTA) Sub-Project (hereafter the Sub-Project) activities. The requirements in this QAPP are consistent with DOE Order 414.1C, Quality Assurance (DOE, 2005); U.S. Environmental Protection Agency (EPA) Guidance for Quality Assurance Project Plans for Modeling (EPA, 2002); and EPA Guidance on the Development, Evaluation, and Application of Environmental Models (EPA, 2009). The QAPP Revision 0 supersedes DOE--341, Underground Test Area Quality Assurancemore » Project Plan, Nevada Test Site, Nevada, Revision 4.« less

Software assurance standard

NASA Technical Reports Server (NTRS)

1992-01-01

This standard specifies the software assurance program for the provider of software. It also delineates the assurance activities for the provider and the assurance data that are to be furnished by the provider to the acquirer. In any software development effort, the provider is the entity or individual that actually designs, develops, and implements the software product, while the acquirer is the entity or individual who specifies the requirements and accepts the resulting products. This standard specifies at a high level an overall software assurance program for software developed for and by NASA. Assurance includes the disciplines of quality assurance, quality engineering, verification and validation, nonconformance reporting and corrective action, safety assurance, and security assurance. The application of these disciplines during a software development life cycle is called software assurance. Subsequent lower-level standards will specify the specific processes within these disciplines.

48 CFR 3046.793 - Waiver and notification procedures (USCG).

Code of Federal Regulations, 2014 CFR

2014-10-01

... SECURITY, HOMELAND SECURITY ACQUISITION REGULATION (HSAR) CONTRACT MANAGEMENT QUALITY ASSURANCE Warranties... anticipated to be delivered during the life of the program); (2) The specific waiver requested, the duration...

48 CFR 3046.793 - Waiver and notification procedures (USCG).

Code of Federal Regulations, 2013 CFR

2013-10-01

... SECURITY, HOMELAND SECURITY ACQUISITION REGULATION (HSAR) CONTRACT MANAGEMENT QUALITY ASSURANCE Warranties... anticipated to be delivered during the life of the program); (2) The specific waiver requested, the duration...

Models for Information Assurance Education and Outreach: A Report on Year 2 Implementation

ERIC Educational Resources Information Center

Wang, Jianjun

2014-01-01

"Models for Information Assurance Education and Outreach" (MIAEO) is an NSF-funded, three-year project to support hands-on explorations in "network security" and "cryptography" through Research Experience Vitalizing Science-University Program (REVS-UP) at California State University, Bakersfield. In addition, the…

44 CFR 19.115 - Assurance required.

Code of Federal Regulations, 2011 CFR

2011-10-01

... HOMELAND SECURITY GENERAL NONDISCRIMINATION ON THE BASIS OF SEX IN EDUCATION PROGRAMS OR ACTIVITIES... official if the applicant or recipient to whom such assurance applies fails to commit itself to take... on the basis of sex or to eliminate the effects of past discrimination whether occurring prior to or...

44 CFR 19.115 - Assurance required.

Code of Federal Regulations, 2013 CFR

2013-10-01

... HOMELAND SECURITY GENERAL NONDISCRIMINATION ON THE BASIS OF SEX IN EDUCATION PROGRAMS OR ACTIVITIES... official if the applicant or recipient to whom such assurance applies fails to commit itself to take... on the basis of sex or to eliminate the effects of past discrimination whether occurring prior to or...

44 CFR 19.115 - Assurance required.

Code of Federal Regulations, 2014 CFR

2014-10-01

... HOMELAND SECURITY GENERAL NONDISCRIMINATION ON THE BASIS OF SEX IN EDUCATION PROGRAMS OR ACTIVITIES... official if the applicant or recipient to whom such assurance applies fails to commit itself to take... on the basis of sex or to eliminate the effects of past discrimination whether occurring prior to or...

44 CFR 19.115 - Assurance required.

Code of Federal Regulations, 2012 CFR

2012-10-01

... HOMELAND SECURITY GENERAL NONDISCRIMINATION ON THE BASIS OF SEX IN EDUCATION PROGRAMS OR ACTIVITIES... official if the applicant or recipient to whom such assurance applies fails to commit itself to take... on the basis of sex or to eliminate the effects of past discrimination whether occurring prior to or...

50 CFR 600.240 - Security assurances.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 50 Wildlife and Fisheries 12 2013-10-01 2013-10-01 false Security assurances. 600.240 Section 600... ADMINISTRATION, DEPARTMENT OF COMMERCE MAGNUSON-STEVENS ACT PROVISIONS Council Membership § 600.240 Security assurances. (a) DOC Office of Security will issue security assurances to Council members following completion...

50 CFR 600.240 - Security assurances.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 50 Wildlife and Fisheries 12 2012-10-01 2012-10-01 false Security assurances. 600.240 Section 600... ADMINISTRATION, DEPARTMENT OF COMMERCE MAGNUSON-STEVENS ACT PROVISIONS Council Membership § 600.240 Security assurances. (a) DOC Office of Security will issue security assurances to Council members following completion...

50 CFR 600.240 - Security assurances.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 50 Wildlife and Fisheries 10 2011-10-01 2011-10-01 false Security assurances. 600.240 Section 600... ADMINISTRATION, DEPARTMENT OF COMMERCE MAGNUSON-STEVENS ACT PROVISIONS Council Membership § 600.240 Security assurances. (a) DOC Office of Security will issue security assurances to Council members following completion...

Integrating Programming Language and Operating System Information Security Mechanisms

DTIC Science & Technology

2016-08-31

suggestions for reducing the burden, to the Department of Defense, Executive Service Directorate (0704-0188). Respondents should be aware that...improve the precision of security enforcement, and to provide greater assurance of information security. This grant focuses on two key projects: language...based control of authority; and formal guarantees for the correctness of audit information. 15. SUBJECT TERMS 16. SECURITY CLASSIFICATION OF: 17

32 CFR 236.4 - Procedures.

Code of Federal Regulations, 2014 CFR

2014-07-01

... DEFENSE (DoD)-DEFENSE INDUSTRIAL BASE (DIB) VOLUNTARY CYBER SECURITY AND INFORMATION ASSURANCE (CS/IA... a recurring basis, and to the greatest extent possible, cyber security information relating to... Office is the overall point of contact for the program. The DoD Cyber Crime Center's DoD-DIB...

32 CFR 236.4 - Procedures.

Code of Federal Regulations, 2012 CFR

2012-07-01

... DEFENSE (DOD)-DEFENSE INDUSTRIAL BASE (DIB) VOLUNTARY CYBER SECURITY AND INFORMATION ASSURANCE (CS/IA... a recurring basis, and to the greatest extent possible, cyber security information relating to... Office is the overall point of contact for the program. The DoD Cyber Crime Center's DoD-DIB...

32 CFR 236.4 - Procedures.

Code of Federal Regulations, 2013 CFR

2013-07-01

... DEFENSE (DOD)-DEFENSE INDUSTRIAL BASE (DIB) VOLUNTARY CYBER SECURITY AND INFORMATION ASSURANCE (CS/IA... a recurring basis, and to the greatest extent possible, cyber security information relating to... Office is the overall point of contact for the program. The DoD Cyber Crime Center's DoD-DIB...

Security Hardened Cyber Components for Nuclear Power Plants: Phase I SBIR Final Technical Report

DOE Office of Scientific and Technical Information (OSTI.GOV)

Franusich, Michael D.

SpiralGen, Inc. built a proof-of-concept toolkit for enhancing the cyber security of nuclear power plants and other critical infrastructure with high-assurance instrumentation and control code. The toolkit is based on technology from the DARPA High-Assurance Cyber Military Systems (HACMS) program, which has focused on applying the science of formal methods to the formidable set of problems involved in securing cyber physical systems. The primary challenges beyond HACMS in developing this toolkit were to make the new technology usable by control system engineers and compatible with the regulatory and commercial constraints of the nuclear power industry. The toolkit, packaged as amore » Simulink add-on, allows a system designer to assemble a high-assurance component from formally specified and proven blocks and generate provably correct control and monitor code for that subsystem.« less

77 FR 14955 - DoD Information Assurance Scholarship Program (IASP)

Federal Register 2010, 2011, 2012, 2013, 2014

2012-03-14

... IA and information technology (IT) management, technical, digital and multimedia forensics, cyber..., digital and multimedia forensics, electrical engineering, electronics engineering, information security...

Evaluation of a mandatory quality assurance data capture in anesthesia: a secure electronic system to capture quality assurance information linked to an automated anesthesia record.

PubMed

Peterfreund, Robert A; Driscoll, William D; Walsh, John L; Subramanian, Aparna; Anupama, Shaji; Weaver, Melissa; Morris, Theresa; Arnholz, Sarah; Zheng, Hui; Pierce, Eric T; Spring, Stephen F

2011-05-01

Efforts to assure high-quality, safe, clinical care depend upon capturing information about near-miss and adverse outcome events. Inconsistent or unreliable information capture, especially for infrequent events, compromises attempts to analyze events in quantitative terms, understand their implications, and assess corrective efforts. To enhance reporting, we developed a secure, electronic, mandatory system for reporting quality assurance data linked to our electronic anesthesia record. We used the capabilities of our anesthesia information management system (AIMS) in conjunction with internally developed, secure, intranet-based, Web application software. The application is implemented with a backend allowing robust data storage, retrieval, data analysis, and reporting capabilities. We customized a feature within the AIMS software to create a hard stop in the documentation workflow before the end of anesthesia care time stamp for every case. The software forces the anesthesia provider to access the separate quality assurance data collection program, which provides a checklist for targeted clinical events and a free text option. After completing the event collection program, the software automatically returns the clinician to the AIMS to finalize the anesthesia record. The number of events captured by the departmental quality assurance office increased by 92% (95% confidence interval [CI] 60.4%-130%) after system implementation. The major contributor to this increase was the new electronic system. This increase has been sustained over the initial 12 full months after implementation. Under our reporting criteria, the overall rate of clinical events reported by any method was 471 events out of 55,382 cases or 0.85% (95% CI 0.78% to 0.93%). The new system collected 67% of these events (95% confidence interval 63%-71%). We demonstrate the implementation in an academic anesthesia department of a secure clinical event reporting system linked to an AIMS. The system enforces entry of quality assurance information (either no clinical event or notification of a clinical event). System implementation resulted in capturing nearly twice the number of events at a relatively steady case load. © 2011 International Anesthesia Research Society

Information Assurance Study

DTIC Science & Technology

1998-01-01

usually written up by Logistics or Maintenance (4790 is the Maintenance “ Bible ”). If need be, and if resources are available, one could collect all...Public domain) SATAN (System Administration Tool for Analyzing Networks) (Public Domain) STAT ( Security Test and Analysis Tool) (Harris Corporation...Service-Filtering Tools 1. TCP/IP wrapper program • Tools to Scan Hosts for Known Vulnerabilities 1. ISS (Internet Security Scanner) 2. SATAN (Security

44 CFR 7.9 - Assurances from institutions.

Code of Federal Regulations, 2010 CFR

2010-10-01

... OF HOMELAND SECURITY GENERAL NONDISCRIMINATION IN FEDERALLY-ASSISTED PROGRAMS (FEMA REG. 5... admission or other treatment of individuals as students, patients, or clients of the institutions or to the...

48 CFR 3046.790-4 - Waiver (USCG).

Code of Federal Regulations, 2013 CFR

2013-10-01

... SECURITY ACQUISITION REGULATION (HSAR) CONTRACT MANAGEMENT QUALITY ASSURANCE Warranties 3046.790-4 Waiver... number of units delivered and anticipated to be delivered during the life of the program); (2) The...

48 CFR 3046.790-4 - Waiver (USCG).

Code of Federal Regulations, 2014 CFR

2014-10-01

... SECURITY ACQUISITION REGULATION (HSAR) CONTRACT MANAGEMENT QUALITY ASSURANCE Warranties 3046.790-4 Waiver... number of units delivered and anticipated to be delivered during the life of the program); (2) The...

78 FR 53736 - Submission for OMB Review; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2013-08-30

...: Title, Associated Form and OMB Number: Defense Industrial Base Cyber Security/Information Assurance (DIB... program administration and management purposes. Affected Public: Business or other for-Profit; Not-for...

The ethical aspects of regulating production.

PubMed

Swanson, J C

2008-02-01

Polls and surveys conducted within the United States show general agreement that there is public support for the protection of farm livestock and poultry. Concurrent with the growing public sentiment is the recent adoption of socially responsible corporate policies by major food retailers relative to animal welfare. The animal welfare assurance and audit programs developed by the private sector are an attempt to assure consumers that best practice measures and independent oversight result in a reasonable quality of life for food-producing animals. These programs represent voluntary self-regulation and arguably a market-based approach to secure the welfare of food-producing animals. Animal advocacy organizations historically seek regulatory oversight of animal care practice. Legislative routes that require government promulgation and enforcement of animal care regulations represent an involuntary form of animal welfare assurance. There are ethical considerations concerning the employment of voluntary or involuntary regulation of the welfare of food-producing animals. For example, degree of public endangerment, economic impact, viability of small to medium producers, food price, food quality, and food security are prominent among the ethical considerations in deliberating whether to impose regulatory mandates on production. In either regulatory approach, the public must be convinced that the welfare of food-producing animals can be secured in a transparent and convincing manner.

Reducing software security risk through an integrated approach research initiative model based verification of the Secure Socket Layer (SSL) Protocol

NASA Technical Reports Server (NTRS)

Powell, John D.

2003-01-01

This document discusses the verification of the Secure Socket Layer (SSL) communication protocol as a demonstration of the Model Based Verification (MBV) portion of the verification instrument set being developed under the Reducing Software Security Risk (RSSR) Trough an Integrated Approach research initiative. Code Q of the National Aeronautics and Space Administration (NASA) funds this project. The NASA Goddard Independent Verification and Validation (IV&V) facility manages this research program at the NASA agency level and the Assurance Technology Program Office (ATPO) manages the research locally at the Jet Propulsion Laboratory (California institute of Technology) where the research is being carried out.

Using a Serious Game Approach to Teach Secure Coding in Introductory Programming: Development and Initial Findings

ERIC Educational Resources Information Center

Adamo-Villani, Nicoletta; Oania, Marcus; Cooper, Stephen

2013-01-01

We report the development and initial evaluation of a serious game that, in conjunction with appropriately designed matching laboratory exercises, can be used to teach secure coding and Information Assurance (IA) concepts across a range of introductory computing courses. The IA Game is a role-playing serious game (RPG) in which the student travels…

Report of the Defense Science Board/Air Force Scientific Advisory Board Joint Task Force on Acquisition of National Security Space Programs

DTIC Science & Technology

2003-05-01

space requires both contractors---at least until sustainable performance is demonstrated • EELV program has occurred in highly cost constrained...both contractors • Take necessary actions to assure both contractors remain viable---at least until sustainable performance is demonstrated

76 FR 81909 - Notice of Request for Extension of a Currently Approved Information Collection

Federal Register 2010, 2011, 2012, 2013, 2014

2011-12-29

..., financial feasibility determinations and loan security determinations as required by the Con Act. Estimate... Industry Loan Program. DATES: Comments on this notice must be received by February 27, 2012 to be assured... for TDD users. SUPPLEMENTARY INFORMATION: Title: Business and Industry Loan Program. OMB Number: 0570...

Security evaluation and assurance of electronic health records.

PubMed

Weber-Jahnke, Jens H

2009-01-01

Electronic Health Records (EHRs) maintain information of sensitive nature. Security requirements in this context are typically multilateral, encompassing the viewpoints of multiple stakeholders. Two main research questions arise from a security assurance point of view, namely how to demonstrate the internal correctness of EHRs and how to demonstrate their conformance in relation to multilateral security regulations. The above notions of correctness and conformance directly relate to the general concept of system verification, which asks the question "are we building the system right?" This should not be confused with the concept of system validation, which asks the question "are we building the right system?" Much of the research in the medical informatics community has been concerned with the latter aspect (validation). However, trustworthy security requires assurances that standards are followed and specifications are met. The objective of this paper is to contribute to filling this gap. We give an introduction to fundamentals of security assurance, summarize current assurance standards, and report on experiences with using security assurance methodology applied to the EHR domain, specifically focusing on case studies in the Canadian context.

NASA guidelines for assuring the adequacy and appropriateness of security safeguards in sensitive applications

NASA Technical Reports Server (NTRS)

Tompkins, F. G.

1984-01-01

The Office of Management and Budget (OMB) Circular A-71, transmittal Memorandum No. 1, requires that each agency establish a management control process to assure that appropriate administrative, physical and technical safeguards are incorporated into all new computer applications. In addition to security specifications, the management control process should assure that the safeguards are adequate for the application. The security activities that should be integral to the system development process are examined. The software quality assurance process to assure that adequate and appropriate controls are incorporated into sensitive applications is also examined. Security for software packages is also discussed.

Diamond High Assurance Security Program: Trusted Computing Exemplar

DTIC Science & Technology

2002-09-01

computing component, the Embedded MicroKernel Prototype. A third-party evaluation of the component will be initiated during development (e.g., once...target technologies and larger projects is a topic for future research. Trusted Computing Reference Component – The Embedded MicroKernel Prototype We...Kernel The primary security function of the Embedded MicroKernel will be to enforce process and data-domain separation, while providing primitive

Benefits a Community College Can Realize by Providing Older Adult Programs: A Trustee's Viewpoint.

ERIC Educational Resources Information Center

Hartstein, Ray

Board members of community colleges need to carefully consider and actively support feasible programs for older people with a firm commitment to fiscal and programmatic decisions assuring lifelong learning opportunities and public service activities. Trustees must be aware of and understand problems and issues of older adults, secure data for…

Fast, Parallel and Secure Cryptography Algorithm Using Lorenz's Attractor

NASA Astrophysics Data System (ADS)

Marco, Anderson Gonçalves; Martinez, Alexandre Souto; Bruno, Odemir Martinez

A novel cryptography method based on the Lorenz's attractor chaotic system is presented. The proposed algorithm is secure and fast, making it practical for general use. We introduce the chaotic operation mode, which provides an interaction among the password, message and a chaotic system. It ensures that the algorithm yields a secure codification, even if the nature of the chaotic system is known. The algorithm has been implemented in two versions: one sequential and slow and the other, parallel and fast. Our algorithm assures the integrity of the ciphertext (we know if it has been altered, which is not assured by traditional algorithms) and consequently its authenticity. Numerical experiments are presented, discussed and show the behavior of the method in terms of security and performance. The fast version of the algorithm has a performance comparable to AES, a popular cryptography program used commercially nowadays, but it is more secure, which makes it immediately suitable for general purpose cryptography applications. An internet page has been set up, which enables the readers to test the algorithm and also to try to break into the cipher.

Future of Assurance: Ensuring that a System is Trustworthy

NASA Astrophysics Data System (ADS)

Sadeghi, Ahmad-Reza; Verbauwhede, Ingrid; Vishik, Claire

Significant efforts are put in defining and implementing strong security measures for all components of the comput-ing environment. It is equally important to be able to evaluate the strength and robustness of these measures and establish trust among the components of the computing environment based on parameters and attributes of these elements and best practices associated with their production and deployment. Today the inventory of techniques used for security assurance and to establish trust -- audit, security-conscious development process, cryptographic components, external evaluation - is somewhat limited. These methods have their indisputable strengths and have contributed significantly to the advancement in the area of security assurance. However, shorter product and tech-nology development cycles and the sheer complexity of modern digital systems and processes have begun to decrease the efficiency of these techniques. Moreover, these approaches and technologies address only some aspects of security assurance and, for the most part, evaluate assurance in a general design rather than an instance of a product. Additionally, various components of the computing environment participating in the same processes enjoy different levels of security assurance, making it difficult to ensure adequate levels of protection end-to-end. Finally, most evaluation methodologies rely on the knowledge and skill of the evaluators, making reliable assessments of trustworthiness of a system even harder to achieve. The paper outlines some issues in security assurance that apply across the board, with the focus on the trustworthiness and authenticity of hardware components and evaluates current approaches to assurance.

78 FR 48424 - 36(b)(1) Arms Sales Notification

Federal Register 2010, 2011, 2012, 2013, 2014

2013-08-08

... Notification AGENCY: Defense Security Cooperation Agency, Department of Defense ACTION: Notice. SUMMARY: The..., personnel training and training equipment, site surveys, Quality Assurance Teams, U.S. Government and... Teams, U.S. Government and contractor technical assistance, and other related elements of program and...

Information Assurance in Saudi Organizations - An Empirical Study

NASA Astrophysics Data System (ADS)

Nabi, Syed Irfan; Mirza, Abdulrahman A.; Alghathbar, Khaled

This paper presents selective results of a survey conducted to find out the much needed insight into the status of information security in Saudi Arabian organizations. The purpose of this research is to give the state of information assurance in the Kingdom and to better understand the prevalent ground realities. The survey covered technical aspects of information security, risk management and information assurance management. The results provide deep insights in to the existing level of information assurance in various sectors that can be helpful in better understanding the intricate details of the prevalent information security in the Kingdom. Also, the results can be very useful for information assurance policy makers in the government as well as private sector organizations. There are few empirical studies on information assurance governance available in literature, especially about the Middle East and Saudi Arabia, therefore, the results are invaluable for information security researchers in improving the understanding of information assurance in this region and the Kingdom.

A coverage and slicing dependencies analysis for seeking software security defects.

PubMed

He, Hui; Zhang, Dongyan; Liu, Min; Zhang, Weizhe; Gao, Dongmin

2014-01-01

Software security defects have a serious impact on the software quality and reliability. It is a major hidden danger for the operation of a system that a software system has some security flaws. When the scale of the software increases, its vulnerability has becoming much more difficult to find out. Once these vulnerabilities are exploited, it may lead to great loss. In this situation, the concept of Software Assurance is carried out by some experts. And the automated fault localization technique is a part of the research of Software Assurance. Currently, automated fault localization method includes coverage based fault localization (CBFL) and program slicing. Both of the methods have their own location advantages and defects. In this paper, we have put forward a new method, named Reverse Data Dependence Analysis Model, which integrates the two methods by analyzing the program structure. On this basis, we finally proposed a new automated fault localization method. This method not only is automation lossless but also changes the basic location unit into single sentence, which makes the location effect more accurate. Through several experiments, we proved that our method is more effective. Furthermore, we analyzed the effectiveness among these existing methods and different faults.

Advanced Simulation and Computing Business Plan

DOE Office of Scientific and Technical Information (OSTI.GOV)

Rummel, E.

To maintain a credible nuclear weapons program, the National Nuclear Security Administration’s (NNSA’s) Office of Defense Programs (DP) needs to make certain that the capabilities, tools, and expert staff are in place and are able to deliver validated assessments. This requires a complete and robust simulation environment backed by an experimental program to test ASC Program models. This ASC Business Plan document encapsulates a complex set of elements, each of which is essential to the success of the simulation component of the Nuclear Security Enterprise. The ASC Business Plan addresses the hiring, mentoring, and retaining of programmatic technical staff responsiblemore » for building the simulation tools of the nuclear security complex. The ASC Business Plan describes how the ASC Program engages with industry partners—partners upon whom the ASC Program relies on for today’s and tomorrow’s high performance architectures. Each piece in this chain is essential to assure policymakers, who must make decisions based on the results of simulations, that they are receiving all the actionable information they need.« less

How ISO/IEC 17799 can be used for base lining information assurance among entities using data mining for defense, homeland security, commercial, and other civilian/commercial domains

NASA Astrophysics Data System (ADS)

Perry, William G.

2006-04-01

One goal of database mining is to draw unique and valid perspectives from multiple data sources. Insights that are fashioned from closely-held data stores are likely to possess a high degree of reliability. The degree of information assurance comes into question, however, when external databases are accessed, combined and analyzed to form new perspectives. ISO/IEC 17799, Information technology-Security techniques-Code of practice for information security management, can be used to establish a higher level of information assurance among disparate entities using data mining in the defense, homeland security, commercial and other civilian/commercial domains. Organizations that meet ISO/IEC information security standards have identified and assessed risks, threats and vulnerabilities and have taken significant proactive steps to meet their unique security requirements. The ISO standards address twelve domains: risk assessment and treatment, security policy, organization of information security, asset management, human resources security, physical and environmental security, communications and operations management, access control, information systems acquisition, development and maintenance, information security incident management and business continuity management and compliance. Analysts can be relatively confident that if organizations are ISO 17799 compliant, a high degree of information assurance is likely to be a characteristic of the data sets being used. The reverse may be true. Extracting, fusing and drawing conclusions based upon databases with a low degree of information assurance may be wrought with all of the hazards that come from knowingly using bad data to make decisions. Using ISO/IEC 17799 as a baseline for information assurance can help mitigate these risks.

Models for Information Assurance Education and Outreach: Year 3 and Summative Report

ERIC Educational Resources Information Center

Wang, Jianjun

2015-01-01

Over the past three years, California State University, Bakersfield received NSF funding to support hands-on explorations in "network security" and "cryptography" through Research Experience Vitalizing Science-University Program (REVS-UP). In addition to the summer bridge component, the grant included development of…

Assurance: the power behind PCASSO security.

PubMed Central

Baker, D. B.; Masys, D. R.; Jones, R. L.; Barnhart, R. M.

1999-01-01

The need for security protection in Internet-based healthcare applications is generally acknowledged. Most healthcare applications that use the Internet have at least implemented some kind of encryption. Most applications also enforce user authentication and access control policies, and many audit user actions. However, most fall short on providing strong assurances that the security mechanisms are behaving as expected and that they cannot be subverted. While no system can claim to be totally "bulletproof," PCASSO provides assurance of correct operation through formal, disciplined design and development methodologies, as well as through functional and penetration testing. Through its security mechanisms, backed by strong system assurances, PCASSO is demonstrating "safe" use of public data networks for health care. PMID:10566443

Safe teleradiology: information assurance as project planning methodology

NASA Astrophysics Data System (ADS)

Collmann, Jeff R.; Alaoui, Adil; Nguyen, Dan; Lindisch, David

2003-05-01

This project demonstrates use of OCTAVE, an information security risk assessment method, as an approach to the safe design and planning of a teleradiology system. By adopting this approach to project planning, we intended to provide evidence that including information security as an intrinsic component of project planning improves information assurance and that using information assurance as a planning tool produces and improves the general system management plan. Several considerations justify this approach to planning a safe teleradiology system. First, because OCTAVE was designed as a method for retrospectively assessing and proposing enhancements for the security of existing information management systems, it should function well as a guide to prospectively designing and deploying a secure information system such as teleradiology. Second, because OCTAVE provides assessment and planning tools for use primarily by interdisciplinary teams from user organizations, not consultants, it should enhance the ability of such teams at the local level to plan safe information systems. Third, from the perspective of sociological theory, OCTAVE explicitly attempts to enhance organizational conditions identified as necessary to safely manage complex technologies. Approaching information system design from the perspective of information security risk management proactively integrates health information assurance into a project"s core. This contrasts with typical approaches that perceive "security" as a secondary attribute to be "added" after designing the system and with approaches that identify information assurance only with security devices and user training. The perspective of health information assurance embraces so many dimensions of a computerized health information system"s design that one may successfully deploy a method for retrospectively assessing information security risk as a prospective planning tool. From a sociological perspective, this approach enhances the general conditions as well as establishes specific policies and procedures for reliable performance of health information assurance.

The ALL-OUT Library; A Design for Computer-Powered, Multidimensional Services.

ERIC Educational Resources Information Center

Sleeth, Jim; LaRue, James

1983-01-01

Preliminary description of design of electronic library and home information delivery system highlights potentials of personal computer interface program (applying for service, assuring that users are valid, checking for measures, searching, locating titles) and incorporation of concepts used in other information systems (security checks,…

Incorporating Global Information Security and Assurance in I.S. Education

ERIC Educational Resources Information Center

White, Garry L.; Hewitt, Barbara; Kruck, S. E.

2013-01-01

Over the years, the news media has reported numerous information security incidents. Because of identity theft, terrorism, and other criminal activities, President Obama has made information security a national priority. Not only is information security and assurance an American priority, it is also a global issue. This paper discusses the…

A Systematic Comprehensive Computational Model for Stake Estimation in Mission Assurance: Applying Cyber Security Econometrics System (CSES) to Mission Assurance Analysis Protocol (MAAP)

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abercrombie, Robert K; Sheldon, Frederick T; Grimaila, Michael R

2010-01-01

In earlier works, we presented a computational infrastructure that allows an analyst to estimate the security of a system in terms of the loss that each stakeholder stands to sustain as a result of security breakdowns. In this paper, we discuss how this infrastructure can be used in the subject domain of mission assurance as defined as the full life-cycle engineering process to identify and mitigate design, production, test, and field support deficiencies of mission success. We address the opportunity to apply the Cyberspace Security Econometrics System (CSES) to Carnegie Mellon University and Software Engineering Institute s Mission Assurance Analysismore » Protocol (MAAP) in this context.« less

Centralized automated quality assurance for large scale health care systems. A pilot method for some aspects of dental radiography.

PubMed

Benn, D K; Minden, N J; Pettigrew, J C; Shim, M

1994-08-01

President Clinton's Health Security Act proposes the formation of large scale health plans with improved quality assurance. Dental radiography consumes 4% ($1.2 billion in 1990) of total dental expenditure yet regular systematic office quality assurance is not performed. A pilot automated method is described for assessing density of exposed film and fogging of unexposed processed film. A workstation and camera were used to input intraoral radiographs. Test images were produced from a phantom jaw with increasing exposure times. Two radiologists subjectively classified the images as too light, acceptable, or too dark. A computer program automatically classified global grey level histograms from the test images as too light, acceptable, or too dark. The program correctly classified 95% of 88 clinical films. Optical density of unexposed film in the range 0.15 to 0.52 measured by computer was reliable to better than 0.01. Further work is needed to see if comprehensive centralized automated radiographic quality assurance systems with feedback to dentists are feasible, are able to improve quality, and are significantly cheaper than conventional clerical methods.

Execution of a self-directed risk assessment methodology to address HIPAA data security requirements

NASA Astrophysics Data System (ADS)

Coleman, Johnathan

2003-05-01

This paper analyzes the method and training of a self directed risk assessment methodology entitled OCTAVE (Operationally Critical Threat Asset and Vulnerability Evaluation) at over 170 DOD medical treatment facilities. It focuses specifically on how OCTAVE built interdisciplinary, inter-hierarchical consensus and enhanced local capabilities to perform Health Information Assurance. The Risk Assessment Methodology was developed by the Software Engineering Institute at Carnegie Mellon University as part of the Defense Health Information Assurance Program (DHIAP). The basis for its success is the combination of analysis of organizational practices and technological vulnerabilities. Together, these areas address the core implications behind the HIPAA Security Rule and can be used to develop Organizational Protection Strategies and Technological Mitigation Plans. A key component of OCTAVE is the inter-disciplinary composition of the analysis team (Patient Administration, IT staff and Clinician). It is this unique composition of analysis team members, along with organizational and technical analysis of business practices, assets and threats, which enables facilities to create sound and effective security policies. The Risk Assessment is conducted in-house, and therefore the process, results and knowledge remain within the organization, helping to build consensus in an environment of differing organizational and disciplinary perspectives on Health Information Assurance.

NASA Automatic Information Security Handbook

NASA Technical Reports Server (NTRS)

1993-01-01

This handbook details the Automated Information Security (AIS) management process for NASA. Automated information system security is becoming an increasingly important issue for all NASA managers and with rapid advancements in computer and network technologies and the demanding nature of space exploration and space research have made NASA increasingly dependent on automated systems to store, process, and transmit vast amounts of mission support information, hence the need for AIS systems and management. This handbook provides the consistent policies, procedures, and guidance to assure that an aggressive and effective AIS programs is developed, implemented, and sustained at all NASA organizations and NASA support contractors.

Implementing a High-Assurance Smart-Card OS

NASA Astrophysics Data System (ADS)

Karger, Paul A.; Toll, David C.; Palmer, Elaine R.; McIntosh, Suzanne K.; Weber, Samuel; Edwards, Jonathan W.

Building a high-assurance, secure operating system for memory constrained systems, such as smart cards, introduces many challenges. The increasing power of smart cards has made their use feasible in applications such as electronic passports, military and public sector identification cards, and cell-phone based financial and entertainment applications. Such applications require a secure environment, which can only be provided with sufficient hardware and a secure operating system. We argue that smart cards pose additional security challenges when compared to traditional computer platforms. We discuss our design for a secure smart card operating system, named Caernarvon, and show that it addresses these challenges, which include secure application download, protection of cryptographic functions from malicious applications, resolution of covert channels, and assurance of both security and data integrity in the face of arbitrary power losses.

Introduction: Cybersecurity and Software Assurance Minitrack

DOE Office of Scientific and Technical Information (OSTI.GOV)

Burns, Luanne; George, Richard; Linger, Richard C

Modern society is dependent on software systems of remarkable scope and complexity. Yet methods for assuring their security and functionality have not kept pace. The result is persistent compromises and failures despite best efforts. Cybersecurity methods must work together for situational awareness, attack prevention and detection, threat attribution, minimization of consequences, and attack recovery. Because defective software cannot be secure, assurance technologies must play a central role in cybersecurity approaches. There is increasing recognition of the need for rigorous methods for cybersecurity and software assurance. The goal of this minitrack is to develop science foundations, technologies, and practices that canmore » improve the security and dependability of complex systems.« less

NASA Post-Columbia Safety & Mission Assurance, Review and Assessment Initiatives

NASA Astrophysics Data System (ADS)

Newman, J. Steven; Wander, Stephen M.; Vecellio, Don; Miller, Andrew J.

2005-12-01

On February 1, 2003, NASA again experienced a tragic accident as the Space Shuttle Columbia broke apart upon reentry, resulting in the loss of seven astronauts. Several of the findings and observations of the Columbia Accident Investigation Board addressed the need to strengthen the safety and mission assurance function at NASA. This paper highlights key steps undertaken by the NASA Office of Safety and Mission Assurance (OSMA) to establish a stronger and more- robust safety and mission assurance function for NASA programs, projects, facilities and operations. This paper provides an overview of the interlocking OSMA Review and Assessment Division (RAD) institutional and programmatic processes designed to 1) educate, inform, and prepare for audits, 2) verify requirements flow-down, 3) verify process capability, 4) verify compliance with requirements, 5) support risk management decision making, 6) facilitate secure web- based collaboration, and 7) foster continual improvement and the use of lessons learned.

NASA's Microgravity Science Research Program

NASA Technical Reports Server (NTRS)

1996-01-01

The ongoing challenge faced by NASA's Microgravity Science Research Program is to work with the scientific and engineering communities to secure the maximum return from our Nation's investments by: assuring that the best possible science emerges from the science community for microgravity investigations; ensuring the maximum scientific return from each investigation in the most timely and cost-effective manner; and enhancing the distribution of data and applications of results acquired through completed investigations to maximize their benefits.

Underground Test Area Fiscal Year 2014 Annual Quality Assurance Report Nevada National Security Site, Nevada, Revision 0

DOE Office of Scientific and Technical Information (OSTI.GOV)

Krenzien, Susan

2015-01-01

This report is required by the Underground Test Area (UGTA) Quality Assurance Plan (QAP) and identifies the UGTA quality assurance (QA) activities from October 1, 2013, through September 30, 2014 (fiscal year [FY] 2014). All UGTA organizations—U.S. Department of Energy (DOE), National Nuclear Security Administration Nevada Field Office (NNSA/NFO); Desert Research Institute (DRI); Lawrence Livermore National Laboratory (LLNL); Los Alamos National Laboratory (LANL); National Security Technologies, LLC (NSTec); Navarro-Intera, LLC (N-I); and the U.S. Geological Survey (USGS)—conducted QA activities in FY 2014. The activities included conducting oversight assessments for QAP compliance, identifying findings and completing corrective actions, evaluating laboratory performance,more » and publishing documents. UGTA Activity participants conducted 25 assessments on topics including safe operations, QAP compliance, activity planning, and sampling. These assessments are summarized in Section 2.0. Corrective actions tracked in FY 2014 are presented in Appendix A. Laboratory performance was evaluated based on three approaches: (1) established performance evaluation programs (PEPs), (2) interlaboratory comparisons, or (3) data review. The results of the laboratory performance evaluations, and interlaboratory comparison results are summarized in Section 4.0. The UGTA Activity published three public documents and a variety of other publications in FY 2014. The titles, dates, and main authors are identified in Section 5.0. The Contract Managers, Corrective Action Unit (CAU) Leads, Preemptive Review (PER) Committee members, and Topical Committee members are listed by name and organization in Section 6.0. Other activities that affected UGTA quality are discussed in Section 7.0. Section 8.0 provides the FY 2014 UGTA QA program conclusions, and Section 9.0 lists the references not identified in Section 5.0.« less

Evaluating Software Assurance Knowledge and Competency of Acquisition Professionals

DTIC Science & Technology

2014-10-01

of ISO 12207 -2008, both internationally and in the United States [7]. That standard documents a comprehensive set of activities and supporting...grows, organizations must ensure that their procurement agents acquire high quality, secure software. ISO 12207 and the Software Assurance Competency...cyberattacks grows, organizations must ensure that their procurement agents acquire high quality, secure software. ISO 12207 and the Software Assurance

78 FR 27399 - Agency Information Collection Activities: Submission for OMB Review; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2013-05-10

... Information Collection: Social Security Office (SSO) Report of State Buy-in Problem; Use: Under Section 1843... State Buy-in program is to assure that Medicaid is the payer of last resort by permitting a state to... assistance plan. State Buy-in also has the effect of transferring some medical costs for this population from...

Federal Plan for Cyber Security and Information Assurance Research and Development

DTIC Science & Technology

2006-04-01

Security Systems 103 varieties of the BB84 scheme have been developed, and other forms of quantum key distribution have been proposed. Rapid progress has led... key . Capability Gaps Existing quantum cryptographic protocols may also have weaknesses. Although BB84 is generally regarded as secure , researchers...complement agency-specific prioritization and R&D planning efforts in cyber security and information assurance. The Plan also describes the key Federal

Software Assurance in Acquisition: Mitigating Risks to the Enterprise. A Reference Guide for Security-Enhanced Software Acquisition and Outsourcing

DTIC Science & Technology

2009-02-01

management, available at <http://www.iso.org/ iso /en/CatalogueDetailPage.CatalogueDetail?CSNUMBER=39612&ICS1=35&ICS2=40 &ICS3=>. ISO /IEC 27001 . Information...Management of the Systems Engineering Process. [ ISO /IEC 27001 ] ISO /IEC 27001 :2005. Information technology -- Security techniques -- Information security...software life cycles [ ISO /IEC 15026]. Software assurance is a key element of national security and homeland security. It is critical because dramatic

Safeguards and security research and development: Progress report, October 1994--September 1995

DOE Office of Scientific and Technical Information (OSTI.GOV)

Rutherford, D.R.; Henriksen, P.W.

The primary goal of the Los Alamos Safeguards and Security Technology Development Program, International Safeguards, and other Safeguards and Security Programs is to continue to be the center of excellence in the field of Safeguards and Security. This annual report for 1995 describes those scientific and engineering projects that contribute to all of the aforementioned programs. The authors have presented the information in a different format from previous annual reports. Part I is devoted to Nuclear Material Measurement Systems. Part II contains projects that are specific to Integrated Safeguards Systems. Part III highlights Safeguards Systems Effectiveness Evaluations and Part IVmore » is a compilation of highlights from Information Assurance projects. Finally Part V highlights work on the projects at Los Alamos for International Safeguards. The final part of this annual report lists titles and abstracts of Los Alamos Safeguards and Security Technology Development reports, technical journal articles, and conference papers that were presented and published in 1995. This is the last annual report in this format. The authors wish to thank all of the individuals who have contributed to this annual report and made it so successful over the years.« less

Near-Real-Time Cloud Auditing for Rapid Response

DTIC Science & Technology

2013-10-01

cloud auditing , which provides timely evaluation results and rapid response, is the key to assuring the cloud. In this paper, we discuss security and...providers with possible automation of the audit , assertion, assessment, and assurance of their services. The Cloud Security Alliance (CSA [15]) was formed...monitoring tools, research literature, standards, and other resources related to IA (Information Assurance ) metrics and IT auditing . In the following

HIPAA and the military health system: organizing technological and organizational reform in large enterprises

NASA Astrophysics Data System (ADS)

Collmann, Jeff R.

2001-08-01

The global scale, multiple units, diverse operating scenarios and complex authority structure of the Department of Defense Military Health System (MHS) create social boundaries that tend to reduce communication and collaboration about data security. Under auspices of the Defense Health Information Assurance Program (DHIAP), the Telemedicine and Advanced Technology Research Center (TATRC) is contributing to the MHS's efforts to prepare for and comply with the Health Insurance Portability and Accountability Act (HIPAA) of 1996 through organizational and technological innovations that bridge such boundaries. Building interdisciplinary (clinical, administrative and information technology) medical information security readiness teams (MISRT) at each military treatment facility (MTF) constitutes the heart of this process. DHIAP is equipping and training MISRTs to use new tools including 'OCTAVE', a self-directed risk assessment instrument and 'RIMR', a web-enabled Risk Information Management Resource. DHIAP sponsors an interdisciplinary, triservice workgroup for review and revision of relevant DoD and service policies and participates in formal DoD health information assurance activities. These activities help promote a community of proponents across the MHS supportive of improved health information assurance. The MHS HIPAA-compliance effort teaches important general lessons about organizational reform in large civilian or military enterprises.

Information Assurance and Cyber Defence (Assurance de l’information et cyberdefense)

DTIC Science & Technology

2010-11-01

project is that knowledge exchange in a timely fashion is highly significant. Authentication and Authorisation of Users and Services in Federated...Detection, Protection and Countermeasures; • Security Models and Architectures; • Security Policies, Evaluation, Authorisation and Access Control; and...Evaluation, Authorisation and Access Control • Network and Information Security Awareness The topics for the symposium had been established

Child Support Enforcement Amendments of 1984. Public Law 98-378.

ERIC Educational Resources Information Center

Congress of the U.S., Washington, DC.

This document is the text of Public Law 98-378, the Child Support Enforcement Amendments of 1984. The act amends part D of title IV of the Social Security Act to assure, through mandatory income withholding, incentive payments to states, and other improvements in the child support enforcement program, that all children in the United States who are…

Integrating Information Assurance and Security into IT Education: A Look at the Model Curriculum and Emerging Practice

ERIC Educational Resources Information Center

Dark, Melissa Jane; Ekstrom, Joseph J.; Lunt, Barry M.

2006-01-01

In December 2001 a meeting of interested parties from fifteen four-year IT programs from the US along with representatives from IEEE, ACM, and ABET (CITC-1) began work on the formalization of Information Technology as an accredited academic discipline. The effort has evolved into SIGITE, the ACM SIG for Information Technology Education. During…

75 FR 33313 - Medicare and Medicaid Programs; Procedure for Hospitals Seeking To Enter Into an Agreement With a...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-06-11

... Social Security Act (the Act), seeks to enter into an agreement with a different Organ Procurement... process affords the public an opportunity to comment on the proposed change and to submit information and material with respect to whether the change is likely to increase organ donation and will assure equitable...

Stockpile Stewardship: Los Alamos

ScienceCinema

McMillan, Charlie; Morgan, Nathanial; Goorley, Tom; Merrill, Frank; Funk, Dave; Korzekwa, Deniece; Laintz, Ken

2018-01-16

"Heritage of Science" is a short video that highlights the Stockpile Stewardship program at Los Alamos National Laboratory. Stockpile Stewardship was conceived in the early 1990s as a national science-based program that could assure the safety, security, and effectiveness of the U.S. nuclear deterrent without the need for full-scale underground nuclear testing. This video was produced by Los Alamos National Laboratory for screening at the Lab's Bradbury Science Museum in Los Alamos, NM and is narrated by science correspondent Miles O'Brien.

Separation Kernel Protection Profile Revisited: Choices and Rationale

DTIC Science & Technology

2010-12-01

provide the most stringent protection and rigorous security countermeasures” [ IATF ]. In other words, robustness is not the same as assurance. Figure 3... IATF Information Assurance Technical Framework, Chapter 4, Release 3.1, National Security Agency, September 2002. Karjoth01 G. Karjoth, “The

Software Assurance Best Practices for Air Force Weapon and Information Technology Systems - Are We Bleeding

DTIC Science & Technology

2008-03-01

in applications is software assurance. There are many subtle variations to the software assurance definition (Goertzel, et al ., 2007), but the DoD...Gary McGraw (2006), and Thorsten 18 Schneider (2006). Goertzel, et al . (2007), lists and compares several security-enhanced software development...detailed by Goertzel, et al ., is the Microsoft Trustworthy Computing Security Development Lifecycle (SDL), shown in the following figure: Figure 6

Quality assurance of data collection in the multi-site community randomized trial and prevalence survey of the children's healthy living program.

PubMed

Yamanaka, Ashley; Fialkowski, Marie Kainoa; Wilkens, Lynne; Li, Fenfang; Ettienne, Reynolette; Fleming, Travis; Power, Julianne; Deenik, Jonathan; Coleman, Patricia; Leon Guerrero, Rachael; Novotny, Rachel

2016-09-02

Quality assurance plays an important role in research by assuring data integrity, and thus, valid study results. We aim to describe and share the results of the quality assurance process used to guide the data collection process in a multi-site childhood obesity prevalence study and intervention trial across the US Affiliated Pacific Region. Quality assurance assessments following a standardized protocol were conducted by one assessor in every participating site. Results were summarized to examine and align the implementation of protocol procedures across diverse settings. Data collection protocols focused on food and physical activity were adhered to closely; however, protocols for handling completed forms and ensuring data security showed more variability. Quality assurance protocols are common in the clinical literature but are limited in multi-site community-based studies, especially in underserved populations. The reduction in the number of QA problems found in the second as compared to the first data collection periods for the intervention study attest to the value of this assessment. This paper can serve as a reference for similar studies wishing to implement quality assurance protocols of the data collection process to preserve data integrity and enhance the validity of study findings. NIH clinical trial #NCT01881373.

Innovative Model for Information Assurance Curriculum: A Teaching Hospital

ERIC Educational Resources Information Center

Goel, Sanjay; Pon, Damira; Bloniarz, Peter; Bangert-Drowns, Robert; Berg, George; Delio, Vince; Iwan, Laura; Hurbanek, Thomas; Schuman, Sandoor P.; Gangolly, Jagdish; Baykal, Adnan; Hobbs, Jon

2006-01-01

A novel idea for information security education created by the New York State Center for Information Forensics and Assurance (CIFA) is presented. This new approach incorporates a teaching hospital model originally developed for medical training. In this model, information security problems from industry and government are solved and abstracted…

New Brunswick Laboratory: Progress report, October 1987--September 1988

DOE Office of Scientific and Technical Information (OSTI.GOV)

Not Available

NBL has been tasked by the DOE Office of Safeguards and Security, Defense Programs (OSS/DP) to assure the application of accurate and reliable measurement technology for the safeguarding of special nuclear materials. NBL is fulfilling its mission responsibilities by identifying and addressing the measurement and measurement-related needs of the nuclear material safeguards community. These responsibilities are being addressed by activities in the following program areas: (1) reference and calibration materials, (2) measurement development, (3) measurement services, (4) measurement evaluation, (5) safeguards assessment, and (6) site-specific assistance. Highlights of each of these programs areas are provided in this summary.

Information Assurance in Wireless Networks

NASA Astrophysics Data System (ADS)

Kabara, Joseph; Krishnamurthy, Prashant; Tipper, David

2001-09-01

Emerging wireless networks will contain a hybrid infrastructure based on fixed, mobile and ad hoc topologies and technologies. In such a dynamic architecture, we define information assurance as the provisions for both information security and information availability. The implications of this definition are that the wireless network architecture must (a) provide sufficient security measures, (b) be survivable under node or link attack or failure and (c) be designed such that sufficient capacity remains for all critical services (and preferably most other services) in the event of attack or component failure. We have begun a research project to investigate the provision of information assurance for wireless networks viz. survivability, security and availability and here discuss the issues and challenges therein.

2010 Nevada National Security Site Annual Illness and Injury Surveillance Report

DOE Office of Scientific and Technical Information (OSTI.GOV)

U.S. Department of Energy, Office of Health, Safety and Health, Office of Health and Safety, Office of Illness and Injury Prevention Programs

2011-07-28

The U.S. Department of Energy's (DOE) commitment to assuring the health and safety of its workers includes the conduct of illness and injury surveillance activities that provide an early warning system to detect health problems among workers. The Illness and Injury Surveillance Program monitors illnesses and health conditions that result in an absence, occupational injuries and illnesses, and disabilities and deaths among current workers.

2006 Y-12 National Security Complex Annual Illness and Injury Surveillance Report

DOE Office of Scientific and Technical Information (OSTI.GOV)

U.S. Department of Energy, Office of Health, Safety and Health, Office of Health and Safety, Office of Illness and Injury Prevention Programs

2008-04-17

The U.S. Department of Energy’s (DOE) commitment to assuring the health and safety of its workers includes the conduct of illness and injury surveillance activities that provide an early warning system to detect health problems among workers. The Illness and Injury Surveillance Program monitors illnesses and health conditions that result in an absence, occupational injuries and illnesses, and disabilities and deaths among current workers.

2009 Y-12 National Security Complex Annual Illness and Injury Surveillance Report

DOE Office of Scientific and Technical Information (OSTI.GOV)

U.S. Department of Energy, Office of Health, Safety and Security, Office of Health and Safety, Office of Illness and Injury Prevention Programs

2010-07-09

The U.S. Department of Energy’s (DOE) commitment to assuring the health and safety of its workers includes the conduct of epidemiologic surveillance activities that provide an early warning system for health problems among workers. The Illness and Injury Surveillance Program monitors illnesses and health conditions that result in an absence of workdays, occupational injuries and illnesses, and disabilities and deaths among current workers.

2008 Y-12 National Security Complex Annual Illness and Injury Surveillance Report

DOE Office of Scientific and Technical Information (OSTI.GOV)

U.S. Department of Energy, Office of Health, Safety and Security, Office of Health and Safety, Office of Illness and Injury Prevention Programs

2009-12-11

The U.S. Department of Energy’s (DOE) commitment to assuring the health and safety of its workers includes the conduct of epidemiologic surveillance activities that provide an early warning system for health problems among workers. The Illness and Injury Surveillance Program monitors illnesses and health conditions that result in an absence of workdays, occupational injuries and illnesses, and disabilities and deaths among current workers.

2010 Y-12 National Security Complex Annual Illness and Injury Surveillance Report

DOE Office of Scientific and Technical Information (OSTI.GOV)

U.S. Department of Energy, Office of Health, Safety and Health, Office of Health and Safety, Office of Illness and Injury Prevention Programs

2011-08-31

The U.S. Department of Energy's (DOE) commitment to assuring the health and safety of its workers includes the conduct of illness and injury surveillance activities that provide an early warning system to detect health problems among workers. The Illness and Injury Surveillance Program monitors illnesses and health conditions that result in an absence, occupational injuries and illnesses, and disabilities and deaths among current workers.

2007 Y-12 National Security Complex Annual Illness and Injury Surveillance Report

DOE Office of Scientific and Technical Information (OSTI.GOV)

U.S. Department of Energy, Office of Health, Safety and Health, Office of Health and Safety, Office of Illness and Injury Prevention Programs

2009-07-01

The U.S. Department of Energy’s (DOE) commitment to assuring the health and safety of its workers includes the conduct of epidemiologic surveillance activities that provide an early warning system for health problems among workers. The Illness and Injury Surveillance Program monitors illnesses and health conditions that result in an absence of workdays, occupational injuries and illnesses, and disabilities and deaths among current workers.

23 CFR Appendix D to Part 1200 - CERTIFICATIONS AND ASSURANCES FOR NATIONAL PRIORITY SAFETY PROGRAM GRANTS (23 U.S.C. 405)

Code of Federal Regulations, 2013 CFR

2013-04-01

... seat belt or age appropriate child restraint • Coverage of all passenger motor vehicles • Minimum fine... occupants riding in a passenger motor vehicle to be restrained in a seat belt or a child restraint, was... secured in a seat belt or age-appropriate child restraint while in a passenger motor vehicle and a minimum...

23 CFR Appendix D to Part 1200 - Certifications and Assurances for National Priority Safety Program Grants (23 U.S.C. 405)

Code of Federal Regulations, 2014 CFR

2014-04-01

... seat belt or age appropriate child restraint • Coverage of all passenger motor vehicles • Minimum fine... occupants riding in a passenger motor vehicle to be restrained in a seat belt or a child restraint, was... secured in a seat belt or age-appropriate child restraint while in a passenger motor vehicle and a minimum...

Innovative Quality-Assurance Strategies for Tuberculosis Surveillance in the United States

PubMed Central

Manangan, Lilia Ponce; Tryon, Cheryl; Magee, Elvin; Miramontes, Roque

2012-01-01

Introduction. The Centers for Disease Control and Prevention (CDC)'s National Tuberculosis Surveillance System (NTSS) is the national repository of tuberculosis (TB) data in the United States. Jurisdictions report to NTSS through the Report of Verified Case of Tuberculosis (RVCT) form that transitioned to a web-based system in 2009. Materials and Methods. To improve RVCT data quality, CDC conducted a quality assurance (QA) needs assessment to develop QA strategies. These include QA components (case detection, data accuracy, completeness, timeliness, data security, and confidentiality); sample tools such as National TB Indicators Project (NTIP) to identify TB case reporting discrepancies; comprehensive training course; resource guide and toolkit. Results and Discussion. During July–September 2011, 73 staff from 34 (57%) of 60 reporting jurisdictions participated in QA training. Participants stated usefulness of sharing jurisdictions' QA methods; 66 (93%) wrote that the QA tools will be effective for their activities. Several jurisdictions reported implementation of QA tools pertinent to their programs. Data showed >8% increase in NTSS and NTIP enrollment through Secure Access Management Services, which monitors system usage, from August 2011–February 2012. Conclusions. Despite challenges imposed by web-based surveillance systems, QA strategies can be developed with innovation and collaboration. These strategies can also be used by other disease programs to ensure high data quality. PMID:22685648

Underground Test Area Fiscal Year 2013 Annual Quality Assurance Report Nevada National Security Site, Nevada, Revision 0

DOE Office of Scientific and Technical Information (OSTI.GOV)

Krenzien, Susan; Marutzky, Sam

This report is required by the Underground Test Area (UGTA) Quality Assurance Plan (QAP) and identifies the UGTA quality assurance (QA) activities for fiscal year (FY) 2013. All UGTA organizations—U.S. Department of Energy (DOE), National Nuclear Security Administration Nevada Field Office (NNSA/NFO); Desert Research Institute (DRI); Lawrence Livermore National Laboratory (LLNL); Los Alamos National Laboratory (LANL); Navarro-Intera, LLC (N-I); National Security Technologies, LLC (NSTec); and the U.S. Geological Survey (USGS)—conducted QA activities in FY 2013. The activities included conducting assessments, identifying findings and completing corrective actions, evaluating laboratory performance, and publishing documents. In addition, integrated UGTA required reading and correctivemore » action tracking was instituted.« less

Federal Communications Commission (FCC) Transponder Loading Data Conversion Software. User's guide and software maintenance manual, version 1.2

NASA Technical Reports Server (NTRS)

Mallasch, Paul G.

1993-01-01

This volume contains the complete software system documentation for the Federal Communications Commission (FCC) Transponder Loading Data Conversion Software (FIX-FCC). This software was written to facilitate the formatting and conversion of FCC Transponder Occupancy (Loading) Data before it is loaded into the NASA Geosynchronous Satellite Orbital Statistics Database System (GSOSTATS). The information that FCC supplies NASA is in report form and must be converted into a form readable by the database management software used in the GSOSTATS application. Both the User's Guide and Software Maintenance Manual are contained in this document. This volume of documentation passed an independent quality assurance review and certification by the Product Assurance and Security Office of the Planning Research Corporation (PRC). The manuals were reviewed for format, content, and readability. The Software Management and Assurance Program (SMAP) life cycle and documentation standards were used in the development of this document. Accordingly, these standards were used in the review. Refer to the System/Software Test/Product Assurance Report for the Geosynchronous Satellite Orbital Statistics Database System (GSOSTATS) for additional information.

Norwegian Security Determinants: Deterrence and Reassurance.

DTIC Science & Technology

1984-03-01

September 1979, pp. 20-25; Rear Admiral 104 |eve Roy Breivik , R.N.N., Inspector General, "Assuring the Security of Reinforcements to Norway," NATO’s Fift...2-15; a:zc $ Patrick Wall, "The Third Battle of the Atlantic," i Power, July 1981, pp. 52-57. 11 Richard K. Betts, "Surprise Attack: NATO’s...Force," NATO’s Fifteen Nations, December 1977-January 1978, pp. 81-89. 186 Breivik , Pear Admiral Roy, R.N.N., "Assuring the Security: of Reinforcements

76 FR 35245 - Country Investors Life Assurance Company, et al.

Federal Register 2010, 2011, 2012, 2013, 2014

2011-06-16

... Life Assurance Company, et al. June 9, 2011. AGENCY: Securities and Exchange Commission (the.... Applicants: COUNTRY Investors Life Assurance Company (the ``Company''), COUNTRY Investors Variable Life Account (the ``Life Account'') and COUNTRY Investors Variable Annuity Account (the ``Annuity Account...

Process Security in Chemical Engineering Education

ERIC Educational Resources Information Center

Piluso, Cristina; Uygun, Korkut; Huang, Yinlun; Lou, Helen H.

2005-01-01

The threats of terrorism have greatly alerted the chemical process industries to assure plant security at all levels: infrastructure-improvement-focused physical security, information-protection-focused cyber security, and design-and-operation-improvement-focused process security. While developing effective plant security methods and technologies…

Some attributes of a language for property-based testing.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Neagoe, Vicentiu; Bishop, Matt

Property-based testing is a testing technique that evaluates executions of a program. The method checks that specifications, called properties, hold throughout the execution of the program. TASpec is a language used to specify these properties. This paper compares some attributes of the language with the specification patterns used for model-checking languages, and then presents some descriptions of properties that can be used to detect common security flaws in programs. This report describes the results of a one year research project at the University of California, Davis, which was funded by a University Collaboration LDRD entitled ''Property-based Testing for Cyber Securitymore » Assurance''.« less

10 CFR 63.144 - Quality assurance program change.

Code of Federal Regulations, 2013 CFR

2013-01-01

... assurance program information that duplicates language in quality assurance regulatory guides and quality... 10 Energy 2 2013-01-01 2013-01-01 false Quality assurance program change. 63.144 Section 63.144... REPOSITORY AT YUCCA MOUNTAIN, NEVADA Quality Assurance § 63.144 Quality assurance program change. Changes to...

10 CFR 63.144 - Quality assurance program change.

Code of Federal Regulations, 2014 CFR

2014-01-01

... assurance program information that duplicates language in quality assurance regulatory guides and quality... 10 Energy 2 2014-01-01 2014-01-01 false Quality assurance program change. 63.144 Section 63.144... REPOSITORY AT YUCCA MOUNTAIN, NEVADA Quality Assurance § 63.144 Quality assurance program change. Changes to...

10 CFR 63.144 - Quality assurance program change.

Code of Federal Regulations, 2012 CFR

2012-01-01

... assurance program information that duplicates language in quality assurance regulatory guides and quality... 10 Energy 2 2012-01-01 2012-01-01 false Quality assurance program change. 63.144 Section 63.144... REPOSITORY AT YUCCA MOUNTAIN, NEVADA Quality Assurance § 63.144 Quality assurance program change. Changes to...

48 CFR 370.402 - Assurances.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 48 Federal Acquisition Regulations System 4 2011-10-01 2011-10-01 false Assurances. 370.402 Section 370.402 Federal Acquisition Regulations System HEALTH AND HUMAN SERVICES HHS SUPPLEMENTATIONS... 20892, as early as possible to secure the necessary assurances. (c) A contractor providing animal care...

48 CFR 370.402 - Assurances.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 48 Federal Acquisition Regulations System 4 2014-10-01 2014-10-01 false Assurances. 370.402 Section 370.402 Federal Acquisition Regulations System HEALTH AND HUMAN SERVICES HHS SUPPLEMENTATIONS... 20892, as early as possible to secure the necessary assurances. (c) A contractor providing animal care...

48 CFR 370.402 - Assurances.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 48 Federal Acquisition Regulations System 4 2013-10-01 2013-10-01 false Assurances. 370.402 Section 370.402 Federal Acquisition Regulations System HEALTH AND HUMAN SERVICES HHS SUPPLEMENTATIONS... 20892, as early as possible to secure the necessary assurances. (c) A contractor providing animal care...

48 CFR 370.402 - Assurances.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 48 Federal Acquisition Regulations System 4 2010-10-01 2010-10-01 false Assurances. 370.402 Section 370.402 Federal Acquisition Regulations System HEALTH AND HUMAN SERVICES HHS SUPPLEMENTATIONS... 20892, as early as possible to secure the necessary assurances. (c) A contractor providing animal care...

48 CFR 370.402 - Assurances.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 48 Federal Acquisition Regulations System 4 2012-10-01 2012-10-01 false Assurances. 370.402 Section 370.402 Federal Acquisition Regulations System HEALTH AND HUMAN SERVICES HHS SUPPLEMENTATIONS... 20892, as early as possible to secure the necessary assurances. (c) A contractor providing animal care...

Software Assurance Curriculum Project Volume 2: Undergraduate Course Outlines

DTIC Science & Technology

2010-08-01

Contents Acknowledgments iii Abstract v 1 An Undergraduate Curriculum Focus on Software Assurance 1 2 Computer Science I 7 3 Computer Science II...confidence that can be integrated into traditional software development and acquisition process models . Thus, in addition to a technology focus...testing throughout the software development life cycle ( SDLC ) AP Security and complexity—system development challenges: security failures

23 CFR 637.207 - Quality assurance program.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 23 Highways 1 2010-04-01 2010-04-01 false Quality assurance program. 637.207 Section 637.207... CONSTRUCTION INSPECTION AND APPROVAL Quality Assurance Procedures for Construction § 637.207 Quality assurance program. (a) Each STD's quality assurance program shall provide for an acceptance program and an...

SECURE MATHEMATICALLY- ASSURED COMPOSITION OF CONTROL MODELS

DTIC Science & Technology

2017-09-27

and in fact, often introduces new vulnerabilities that can be exploited. The situation is even worse for em - bedded software because it is often...fork- bomb is a program which continuously replicates itself, thus making it very hard to kill off all instances of the forkbomb. This causes the...binaries. In Eduardo Tovar, editor, IEEE Real-Time and Em - bedded Technology and Applications Symposium (RTAS), pages 97–106, Philadelphia, USA, April 2013

The Water Security Hydra

NASA Astrophysics Data System (ADS)

Lall, U.

2017-12-01

As the editor of a new journal on water security, I have been pondering what it can mean theoretically and practically. At one level, it is pretty aobvious that it refers to the ability to affordably and reliably access water of appropriate quality, and to be protected from the water related ravages of nature, such as floods, droughts and water borne disease. The concept of water security can apply to a family, a company, a state or globally. Of course, since we value the environment, water security embraces the needs of the environment. Where, we consider economic development or energy production, water security also emerges as a critical factor. So, in short it touches almost all things about water that pertain to our lives. New stresses are created by a changing climate, growing populations and an ever changing society, economic activity and environment. Thus, if assuring water security is a goal at any of the scales of interest, many factors need to be considered, and what can really be assured, where and for how long emerges as an interesting question. Local (place, time, individuals, politics) as well as global (climate, economics, hydrology) factors interact to determine outcomes, not all of which are readily mapped in our mathematical or cognitive models to a functional notion of what constitutes security in the face of changing conditions and actors. Further, assurance implies going beyond characterization to developing actions, responses to stressors and risk mitigation strategies. How these perform in the short and long run, and what are the outcomes and strategies for impact mitigation in the event of failure then determines water security. Recognizing that providing assurance of water security has always been the goal of water management, regulation and development, perhaps the challenge is to understand what this means from the perspective of not just the "water managers" but the individuals who are the unwitting beneficiaries, or the instruments for the approval of the strategies that are implemented. In this talk, I will strive to lay out a cognitive framework for how performance evaluation of water security, and instrument design for assurance can be approached from a multi-stress and multi-user perspective. Selected examples will be used to lillustrate the idea in the context of America's Water.

Organizing safety: conditions for successful information assurance programs.

PubMed

Collmann, Jeff; Coleman, Johnathan; Sostrom, Kristen; Wright, Willie

2004-01-01

Organizations must continuously seek safety. When considering computerized health information systems, "safety" includes protecting the integrity, confidentiality, and availability of information assets such as patient information, key components of the technical information system, and critical personnel. "High Reliability Theory" (HRT) argues that organizations with strong leadership support, continuous training, redundant safety mechanisms, and "cultures of high reliability" can deploy and safely manage complex, risky technologies such as nuclear weapons systems or computerized health information systems. In preparation for the Health Insurance Portability and Accountability Act (HIPAA) of 1996, the Office of the Assistant Secretary of Defense (Health Affairs), the Offices of the Surgeons General of the United States Army, Navy and Air Force, and the Telemedicine and Advanced Technology Research Center (TATRC), US Army Medical Research and Materiel Command sponsored organizational, doctrinal, and technical projects that individually and collectively promote conditions for a "culture of information assurance." These efforts include sponsoring the "P3 Working Group" (P3WG), an interdisciplinary, tri-service taskforce that reviewed all relevant Department of Defense (DoD), Miliary Health System (MHS), Army, Navy and Air Force policies for compliance with the HIPAA medical privacy and data security regulations; supporting development, training, and deployment of OCTAVE(sm), a self-directed information security risk assessment process; and sponsoring development of the Risk Information Management Resource (RIMR), a Web-enabled enterprise portal about health information assurance.

Technical Reference Suite Addressing Challenges of Providing Assurance for Fault Management Architectural Design

NASA Technical Reports Server (NTRS)

Fitz, Rhonda; Whitman, Gerek

2016-01-01

Research into complexities of software systems Fault Management (FM) and how architectural design decisions affect safety, preservation of assets, and maintenance of desired system functionality has coalesced into a technical reference (TR) suite that advances the provision of safety and mission assurance. The NASA Independent Verification and Validation (IV&V) Program, with Software Assurance Research Program support, extracted FM architectures across the IV&V portfolio to evaluate robustness, assess visibility for validation and test, and define software assurance methods applied to the architectures and designs. This investigation spanned IV&V projects with seven different primary developers, a wide range of sizes and complexities, and encompassed Deep Space Robotic, Human Spaceflight, and Earth Orbiter mission FM architectures. The initiative continues with an expansion of the TR suite to include Launch Vehicles, adding the benefit of investigating differences intrinsic to model-based FM architectures and insight into complexities of FM within an Agile software development environment, in order to improve awareness of how nontraditional processes affect FM architectural design and system health management. The identification of particular FM architectures, visibility, and associated IV&V techniques provides a TR suite that enables greater assurance that critical software systems will adequately protect against faults and respond to adverse conditions. Additionally, the role FM has with regard to strengthened security requirements, with potential to advance overall asset protection of flight software systems, is being addressed with the development of an adverse conditions database encompassing flight software vulnerabilities. Capitalizing on the established framework, this TR suite provides assurance capability for a variety of FM architectures and varied development approaches. Research results are being disseminated across NASA, other agencies, and the software community. This paper discusses the findings and TR suite informing the FM domain in best practices for FM architectural design, visibility observations, and methods employed for IV&V and mission assurance.

An investigative analysis of information assurance issues associated with the GIG's P&P architecture

NASA Astrophysics Data System (ADS)

Farroha, B. S.; Cole, R. G.; Farroha, D. L.; DeSimone, A.

2007-04-01

The Global Information Grid (GIG) is a collection of systems, programs and initiatives aimed at building a secure network and set of information capabilities modeled after the Internet. The GIG is expected to facilitate DoD's transformation by allowing warfighters, policy makers and support personnel to engage in rapid decision making. The roadmap is designed to take advantage of converged services of voice, data, video, and imagery over common data links. The vision is to have commanders identify threats more effectively, make informed decisions, and respond with greater precision and lethality. The information advantage gained through the GIG and network-centric warfare (NCW) allows a warfighting force to achieve dramatically improved information positions, in the form of common operational pictures that provide the basis for shared situational awareness and knowledge, and a resulting increase in combat power. The GIG Precedence and Preemption (P&P) requirements stem from the need to utilize scarce resources at critical times in the most effective way in support of national security, the intelligence community and the war-fighter. Information Assurance (IA) enables all information and data to be available end-to-end to support any mission without delay in accordance to the sensitivity of the task. Together, P&P and IA ensure data availability integrity, authentication, confidentiality, and non-repudiation. This study addresses and analyzes the QoS and P & P requirements and architecture for the GIG. Threat scenarios are presented and used to evaluate the reference architectures. The goal of the study is to assess the Information Assurance concerns associated with implementing Precedence and Preemption within the GIG and to guarantee an acceptable minimum level of security and protection for DoD networks.

The Future of the U.S. Nuclear Weapons Program

NASA Astrophysics Data System (ADS)

Brooks, Linton F.

2007-03-01

This paper will examine our plans for the future of the U.S. nuclear weapons program including efforts to ``transform'' the stockpile and supporting infrastructure. We proceed from the premise that the United States will need a safe, secure, and reliable nuclear deterrent for the foreseeable future. Moreover, the Stockpile Stewardship Program is working. Today's stockpile---comprised of legacy warheads left over from the Cold War---is safe and reliable. That said, we see increased risk, absent nuclear testing, in assuring the long-term safety and reliability of our current stockpile. Nor is today's nuclear weapons complex sufficiently ``responsive'' to fixing technical problems in the stockpile, or to potential adverse geopolitical change. Our task is to work to ensure that the U.S. nuclear weapons enterprise, including the stockpile and supporting infrastructure, meets long-term national security needs. Our approach is to develop and field replacement warheads for the legacy stockpile---so-called Reliable Replacement Warheads (RRW)---as a means to transform both the nuclear stockpile and supporting infrastructure.

Center for Infrastructure Assurance and Security - Attack and Defense Exercises

DTIC Science & Technology

2010-06-01

conclusion of the research funding under this program. 4.1. Steganography Detection Tools Steganography is the art of hiding information in a cover image ...Some of the more common methods are altering the LSB (least significant bit) of the pixels of the image , altering the palette of an RGB image , or...altering parts of the image in the transform domain. Algorithms that embed information in the transform domain are usually more robust to common

Weathering the Cyber Storm: The Military’s Resiliency to Cyber Attacks in Future Warfare

DTIC Science & Technology

2012-06-01

observation. While the ability to collect intelligence is important, it falls under a different rubric than warfare itself. 20 Another term worth...the use of antivirus programs, firewalls, and security policies. These measures also fall under the rubric of information assurance, or “measures that...specifying how it is to be accomplished.” of genetic diversity. 13 A complaint after Operation Iraqi Freedom (OIF) was that soldiers had to

SMART: Security Measurements and Assuring Reliability Through Metrics Technology

DTIC Science & Technology

2009-11-01

analyzing C / C ++ programs. C ++ is a terrible language for tool vendors to handle. There are only a handful of people in the world capable of writing an...input sanitizing , etc. These features aid in porting httpd to new platforms. For systems written in C / C ++, it appears that the use of preprocessor...DoD office) • DISTRIBUTION STATEMENT C . Distribution authorized to U.S. Government Agencies and their contractors (fill in reason) (date of

2003 Y-12 National Security Complex Annual Illness and Injury Surveillance Report

DOE Office of Scientific and Technical Information (OSTI.GOV)

U.S. Department of Energy, Office of Health, Safety and Security, Office of Illness and Injury Prevention Programs

2007-05-23

Annual Illness and Injury Surveillance Program report for 2003 for Y-12. The U.S. Department of Energy’s (DOE) commitment to assuring the health and safety of its workers includes the conduct of epidemiologic surveillance activities that provide an early warning system for health problems among workers. The IISP monitors illnesses and health conditions that result in an absence of workdays, occupational injuries and illnesses, and disabilities and deaths among current workers.

78 FR 9433 - Submission for OMB Review; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2013-02-08

... CFR 239.38) may be used to register securities of certain Canadian issuers under the Securities Act of... permits verification of compliance with securities law requirements and assures the public availability of...

75 FR 6229 - Submission for OMB Review; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2010-02-08

... CFR 239.38) may be used to register securities of certain Canadian issuers under the Securities Act of... permits verification of compliance with securities law requirements and assures the public availability of...

Intelligent Sensors Security

PubMed Central

Bialas, Andrzej

2010-01-01

The paper is focused on the security issues of sensors provided with processors and software and used for high-risk applications. Common IT related threats may cause serious consequences for sensor system users. To improve their robustness, sensor systems should be developed in a restricted way that would provide them with assurance. One assurance creation methodology is Common Criteria (ISO/IEC 15408) used for IT products and systems. The paper begins with a primer on the Common Criteria, and then a general security model of the intelligent sensor as an IT product is discussed. The paper presents how the security problem of the intelligent sensor is defined and solved. The contribution of the paper is to provide Common Criteria (CC) related security design patterns and to improve the effectiveness of the sensor development process. PMID:22315571

Security Assessment Simulation Toolkit (SAST) Final Report

DOE Office of Scientific and Technical Information (OSTI.GOV)

Meitzler, Wayne D.; Ouderkirk, Steven J.; Hughes, Chad O.

2009-11-15

The Department of Defense Technical Support Working Group (DoD TSWG) investment in the Pacific Northwest National Laboratory (PNNL) Security Assessment Simulation Toolkit (SAST) research planted a technology seed that germinated into a suite of follow-on Research and Development (R&D) projects culminating in software that is used by multiple DoD organizations. The DoD TSWG technology transfer goal for SAST is already in progress. The Defense Information Systems Agency (DISA), the Defense-wide Information Assurance Program (DIAP), the Marine Corps, Office Of Naval Research (ONR) National Center For Advanced Secure Systems Research (NCASSR) and Office Of Secretary Of Defense International Exercise Program (OSDmore » NII) are currently investing to take SAST to the next level. PNNL currently distributes the software to over 6 government organizations and 30 DoD users. For the past five DoD wide Bulwark Defender exercises, the adoption of this new technology created an expanding role for SAST. In 2009, SAST was also used in the OSD NII International Exercise and is currently scheduled for use in 2010.« less

Designing an e-Portfolio for Assurance of Learning Focusing on Adoptability and Learning Analytics

ERIC Educational Resources Information Center

Oliver, Beverley; Whelan, Barbara

2011-01-01

The "Assurance of Learning for Graduate Employability" framework is a quality assurance model for curriculum enhancement for graduate employability, enabling graduates to achieve "the skills, understandings and personal attributes that make [them] more likely to secure employment and be successful in their chosen occupations to the…

Suspect/Counterfeit Items Information Guide for Subcontractors/Suppliers

DOE Office of Scientific and Technical Information (OSTI.GOV)

Tessmar, Nancy D.; Salazar, Michael J.

2012-09-18

Counterfeiting of industrial and commercial grade items is an international problem that places worker safety, program objectives, expensive equipment, and security at risk. In order to prevent the introduction of Suspect/Counterfeit Items (S/CI), this information sheet is being made available as a guide to assist in the implementation of S/CI awareness and controls, in conjunction with subcontractor's/supplier's quality assurance programs. When it comes to counterfeit goods, including industrial materials, items, and equipment, no market is immune. Some manufactures have been known to misrepresent their products and intentionally use inferior materials and processes to manufacture substandard items, whose properties can significantlymore » cart from established standards and specifications. These substandard items termed by the Department of Energy (DOE) as S/CI, pose immediate and potential threats to the safety of DOE and contractor workers, the public, and the environment. Failure of certain systems and processes caused by an S/CI could also have national security implications at Los Alamos National Laboratory (LANL). Nuclear Safety Rules (federal Laws), DOE Orders, and other regulations set forth requirements for DOE contractors to implement effective controls to assure that items and services meet specified requirements. This includes techniques to implement and thereby minimizing the potential threat of entry of S/CI to LANL. As a qualified supplier of goods or services to the LANL, your company will be required to establish and maintain effective controls to prevent the introduction of S/CI to LANL. This will require that your company warrant that all items (including their subassemblies, components, and parts) sold to LANL are genuine (i.e. not counterfeit), new, and unused, and conform to the requirements of the LANL purchase orders/contracts unless otherwise approved in writing to the Los Alamos National Security (LANS) contract administrator/procurements specialist.« less

15 CFR 996.31 - Termination of the Quality Assurance Program.

Code of Federal Regulations, 2011 CFR

2011-01-01

... ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES QUALITY ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES Other Quality Assurance Program Matters § 996.31 Termination of the Quality Assurance Program. (a) NOAA reserves the right to terminate the...

15 CFR 996.31 - Termination of the Quality Assurance Program.

Code of Federal Regulations, 2013 CFR

2013-01-01

... ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES QUALITY ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES Other Quality Assurance Program Matters § 996.31 Termination of the Quality Assurance Program. (a) NOAA reserves the right to terminate the...

15 CFR 996.31 - Termination of the Quality Assurance Program.

Code of Federal Regulations, 2014 CFR

2014-01-01

... ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES QUALITY ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES Other Quality Assurance Program Matters § 996.31 Termination of the Quality Assurance Program. (a) NOAA reserves the right to terminate the...

15 CFR 996.31 - Termination of the Quality Assurance Program.

Code of Federal Regulations, 2012 CFR

2012-01-01

... ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES QUALITY ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES Other Quality Assurance Program Matters § 996.31 Termination of the Quality Assurance Program. (a) NOAA reserves the right to terminate the...

50 CFR 600.240 - Security assurances.

Code of Federal Regulations, 2010 CFR

2010-10-01

... ADMINISTRATION, DEPARTMENT OF COMMERCE MAGNUSON-STEVENS ACT PROVISIONS Council Membership § 600.240 Security... meetings, materials classified for national security purposes, the agency or individual (e.g., DOS, USCG... classified for national security purposes, the agency or individual (e.g., Department of State, U.S. Coast...

10 CFR 780.8 - Security.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 10 Energy 4 2012-01-01 2012-01-01 false Security. 780.8 Section 780.8 Energy DEPARTMENT OF ENERGY PATENT COMPENSATION BOARD REGULATIONS General Provisions § 780.8 Security. In any proceeding under this... the Act to assure compliance with Department security regulations and the common defense. ...

10 CFR 780.8 - Security.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 10 Energy 4 2011-01-01 2011-01-01 false Security. 780.8 Section 780.8 Energy DEPARTMENT OF ENERGY PATENT COMPENSATION BOARD REGULATIONS General Provisions § 780.8 Security. In any proceeding under this... the Act to assure compliance with Department security regulations and the common defense. ...

10 CFR 780.8 - Security.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 10 Energy 4 2014-01-01 2014-01-01 false Security. 780.8 Section 780.8 Energy DEPARTMENT OF ENERGY PATENT COMPENSATION BOARD REGULATIONS General Provisions § 780.8 Security. In any proceeding under this... the Act to assure compliance with Department security regulations and the common defense. ...

10 CFR 780.8 - Security.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 10 Energy 4 2010-01-01 2010-01-01 false Security. 780.8 Section 780.8 Energy DEPARTMENT OF ENERGY PATENT COMPENSATION BOARD REGULATIONS General Provisions § 780.8 Security. In any proceeding under this... the Act to assure compliance with Department security regulations and the common defense. ...

10 CFR 780.8 - Security.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 10 Energy 4 2013-01-01 2013-01-01 false Security. 780.8 Section 780.8 Energy DEPARTMENT OF ENERGY PATENT COMPENSATION BOARD REGULATIONS General Provisions § 780.8 Security. In any proceeding under this... the Act to assure compliance with Department security regulations and the common defense. ...

Integrating a flexible modeling framework (FMF) with the network security assessment instrument to reduce software security risk

NASA Technical Reports Server (NTRS)

Gilliam, D. P.; Powell, J. D.

2002-01-01

This paper presents a portion of an overall research project on the generation of the network security assessment instrument to aid developers in assessing and assuring the security of software in the development and maintenance lifecycles.

Making the Business Case for Software Assurance

DTIC Science & Technology

2009-04-01

and Capability dEtermination-SPICE, ISO /IEC 15504, 1998. [ ISO 2007] International Organization for Standardization. " ISO /IEC 27001 & 27002 ...Implementing the Process Areas 6.2.7 Differences Between the CMMI and Software CMM Process Areas 6.3 The CMMI Appraisal Process 6.4 Adapting ISO 15504 to...Secure Software Assurance 6.4.1 Assessment and the Secure Life Cycle 6.4.2 ISO 15504 Capability Levels 6.5 Adapting the ISOIIEC 21287 Standard Approach to

Systems Security Engineering

DTIC Science & Technology

2010-08-22

Commission (IEC). “Information technology — Security techniques — Code of practice for information security management ( ISO /IEC 27002 ...Information technology — Security techniques — Information security management systems —Requirements ( ISO /IEC 27002 ),”, “Information technology — Security...was a draft ISO standard on Systems and software engineering, Systems and software assurance [18]. Created by systems engineers for systems

49 CFR 180.505 - Quality assurance program.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 49 Transportation 2 2010-10-01 2010-10-01 false Quality assurance program. 180.505 Section 180.505... MAINTENANCE OF PACKAGINGS Qualification and Maintenance of Tank Cars § 180.505 Quality assurance program. The quality assurance program requirements of § 179.7 of this subchapter apply. ...

[Quality assurance in ENT tumor surgery].

PubMed

Eckel, H E; Streppel, M; Schmalenbach, K; Volling, P; Schrappe, M; Dietz, A; Bootz, F

2000-12-01

Quality control is of special importance in head and neck oncology since the quality of medical care constitutes a vital parameter for the diseased patient. In contrast to other medical specialties, no quality assurance program for head and neck cancer patients has yet been established in Germany. Therefore, a survey was conducted to assess the quality assurance instruments that are in use today in otorhinolaryngology-head and neck (ORL-HNS) centers. In a nationwide survey, questionnaires were sent out to 146 German ORL-HNS departments (the return rate was 75%). 56% of all departments apply dedicated quality assurance processes, and 38% have appointed a formal quality assurance officer. Interdisciplinary oncological conferences are held in the vast majority of all departments with the participation of radiation oncologists in 86 (78%), medical oncologists in 84 (76%), diagnostic radiologists in 82 (74%), and pathologists in 73 (66%). Morbidity-mortality conferences are held in seven departments (6%). A standardized follow-up of oncological patients is carried out in 95 units (86%), and 53 departments use computer-assisted data bases to organize their follow-up data (48%). A wide variety of documentation systems is in use throughout the country: 78 units (71%) offer formal follow-up to their oncological patients. This survey documents a wide-spread interest in quality assurance procedures. Many individual efforts are being undertaken. However, no uniform quality assurance or auditing system is currently in use in Germany nor is a commonly accepted data base available. The ability to offer oncological follow-up within the national social security system is generally considered indispensable for the maintenance of high-quality oncological care in ORL-HNS departments.

Operational evaluation of rapid diagnostic testing for Ebola Virus Disease in Guinean laboratories

PubMed Central

Aho, Josephine; Franklin, Kristyn; Likofata, Jacques; Kamgang, Jean Baptiste; Keita, Sakoba; Koivogui, Lamine; Magassouba, N’Faly; Martel, Lise D.; Dahourou, Anicet George

2017-01-01

Background Rapid Diagnostic Tests (RDTs) for Ebola Virus Disease (EVD) at the point of care have the potential to increase access and acceptability of EVD testing and the speed of patient isolation and secure burials for suspect cases. A pilot program for EVD RDTs in high risk areas of Guinea was introduced in October 2015. This paper presents concordance data between EVD RDTs and PCR testing in the field as well as an assessment of the acceptability, feasibility, and quality assurance of the RDT program. Methods and findings Concordance data were compiled from laboratory surveillance databases. The operational measures of the laboratory-based EVD RDT program were evaluated at all 34 sentinel sites in Guinea through: (1) a technical questionnaire filled by the lab technicians who performed the RDTs, (2) a checklist filled by the evaluator during the site visits, and (3) direct observation of the lab technicians performing the quality control test. Acceptability of the EVD RDT was good for technicians, patients, and families although many technicians (69.8%) expressed concern for their safety while performing the test. The feasibility of the program was good based on average technician knowledge scores (6.6 out of 8) but basic infrastructure, equipment, and supplies were lacking. There was much room for improvement in quality assurance of the program. Conclusions The implementation of new diagnostics in weak laboratory systems requires general training in quality assurance, biosafety and communication with patients in addition to specific training for the new test. Corresponding capacity building in terms of basic equipment and a long-term commitment to transfer supervision and quality improvement to national public health staff are necessary for successful implementation. PMID:29190713

Operational evaluation of rapid diagnostic testing for Ebola Virus Disease in Guinean laboratories.

PubMed

VanSteelandt, Amanda; Aho, Josephine; Franklin, Kristyn; Likofata, Jacques; Kamgang, Jean Baptiste; Keita, Sakoba; Koivogui, Lamine; Magassouba, N'Faly; Martel, Lise D; Dahourou, Anicet George

2017-01-01

Rapid Diagnostic Tests (RDTs) for Ebola Virus Disease (EVD) at the point of care have the potential to increase access and acceptability of EVD testing and the speed of patient isolation and secure burials for suspect cases. A pilot program for EVD RDTs in high risk areas of Guinea was introduced in October 2015. This paper presents concordance data between EVD RDTs and PCR testing in the field as well as an assessment of the acceptability, feasibility, and quality assurance of the RDT program. Concordance data were compiled from laboratory surveillance databases. The operational measures of the laboratory-based EVD RDT program were evaluated at all 34 sentinel sites in Guinea through: (1) a technical questionnaire filled by the lab technicians who performed the RDTs, (2) a checklist filled by the evaluator during the site visits, and (3) direct observation of the lab technicians performing the quality control test. Acceptability of the EVD RDT was good for technicians, patients, and families although many technicians (69.8%) expressed concern for their safety while performing the test. The feasibility of the program was good based on average technician knowledge scores (6.6 out of 8) but basic infrastructure, equipment, and supplies were lacking. There was much room for improvement in quality assurance of the program. The implementation of new diagnostics in weak laboratory systems requires general training in quality assurance, biosafety and communication with patients in addition to specific training for the new test. Corresponding capacity building in terms of basic equipment and a long-term commitment to transfer supervision and quality improvement to national public health staff are necessary for successful implementation.

SEED: A Suite of Instructional Laboratories for Computer Security Education

ERIC Educational Resources Information Center

Du, Wenliang; Wang, Ronghua

2008-01-01

The security and assurance of our computing infrastructure has become a national priority. To address this priority, higher education has gradually incorporated the principles of computer and information security into the mainstream undergraduate and graduate computer science curricula. To achieve effective education, learning security principles…

42 CFR 417.106 - Quality assurance program; Availability, accessibility, and continuity of basic and supplemental...

Code of Federal Regulations, 2010 CFR

2010-10-01

... Qualified Health Maintenance Organizations: Services § 417.106 Quality assurance program; Availability, accessibility, and continuity of basic and supplemental health services. (a) Quality assurance program. Each HMO or CMP must have an ongoing quality assurance program for its health services that meets the...

Quality assurance program plan for radionuclide airborne emissions monitoring

DOE Office of Scientific and Technical Information (OSTI.GOV)

Boom, R.J.

1995-12-01

This Quality Assurance Program Plan identifies quality assurance program requirements and addresses the various Westinghouse Hanford Company organizations and their particular responsibilities in regards to sample and data handling of radiological airborne emissions. This Quality Assurance Program Plan is prepared in accordance with and to written requirements.

Developing a Framework for Evaluating Organizational Information Assurance Metrics Programs

DTIC Science & Technology

2007-03-01

least cost.  Standards  such as  ISO /IEC 17799 and  ISO /IEC  27001  provide guidance on the domains that  security management should consider when... ISO /IEC 17799, 2000;  ISO /IEC  27001 ,  2005).        6    In order to attempt to find this optimal mix, organizations can make risk  decisions weighing...Electronic version].     International Organization of Standards.  (2000).   ISO /IEC  27001 .  Information  Technology Security Techniques:  Information

Protected interoperability of telecommunications and digital products

NASA Astrophysics Data System (ADS)

Hampel, Viktor E.; Cartier, Gene N.; Craft, James P.

1994-11-01

New federal standards for the protection of sensitive data now make it possible to ensure the authenticity, integrity and confidentiality of digital products, and non-repudiation of digital telecommunications. Under review and comment since 1991, the new Federal standards were confirmed this year and provide standard means for the protection of voice and data communications from accidental and wilful abuse. The standards are initially tailored to protect only `sensitive-but-unclassified' (SBU) data in compliance with the Computer Security Act of 1987. These data represent the majority of transactions in electronic commerce, including sensitive procurement information, trade secrets, financial data, product definitions, and company-proprietary information classified as `intellectual property.' Harmonization of the new standards with international requirements is in progress. In the United States, the confirmation of the basic standards marks the beginning of a long-range program to assure discretionary and mandatory access controls to digital resources. Upwards compatibility into the classified domain with multi-level security is a core requirement of the National Information Infrastructure. In this report we review the powerful capabilities of standard Public-Key-Cryptology, the availability of commercial and Federal products for data protection, and make recommendations for their cost-effective use to assure reliable telecommunications and process controls.

78 FR 7816 - Quality Assurance Program Requirements (Operations)

Federal Register 2010, 2011, 2012, 2013, 2014

2013-02-04

... NUCLEAR REGULATORY COMMISSION [NRC-2013-0021] Quality Assurance Program Requirements (Operations...), DG-1300, ``Quality Assurance Program Requirements (Operations).'' DATES: Submit comments by April 1... CFR Part 50, Appendix B, ``Quality Assurance Criteria for Nuclear power Plants and Fuel Reprocessing...

An institutional review board-based clinical research quality assurance program.

PubMed

Lad, Pramod M; Dahl, Rebecca

2013-01-01

Despite the acknowledged importance of quality assurance in the clinical research process, the problem of how such a program should be implemented at the level of an academic teaching hospital or a similar institution has not been addressed in the literature. Despite the fact that quality assurance is expected in programs which certify and accredit Institutional Review Boards (IRBs), very little is known about the role of the IRB in programs of clinical research quality assurance. In this article we consider the definition of clinical research quality assurance, and describe a program designed to achieve it. The key elements of such a program are education at the site level, which has both mandatory and voluntary components, and an auditing and monitoring program, which reinforces the education on quality assurance. The role of the IRB in achieving the program goals and the organizational placement of the quality assurance program within the IRB structure and function are important items of discussion.

78 FR 37850 - Quality Assurance Program Requirements (Operations)

Federal Register 2010, 2011, 2012, 2013, 2014

2013-06-24

... NUCLEAR REGULATORY COMMISSION [NRC-2013-0021] Quality Assurance Program Requirements (Operations... Regulatory Commission (NRC) is issuing a revision to Regulatory Guide (RG) 1.33, ``Quality Assurance Program... managerial and administrative Quality Assurance (QA) controls for nuclear power plants during operations...

21 CFR 1000.55 - Recommendation for quality assurance programs in diagnostic radiology facilities.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 21 Food and Drugs 8 2012-04-01 2012-04-01 false Recommendation for quality assurance programs in... Recommendations § 1000.55 Recommendation for quality assurance programs in diagnostic radiology facilities. (a) Applicability. Quality assurance programs as described in paragraph (c) of this section are recommended for all...

21 CFR 1000.55 - Recommendation for quality assurance programs in diagnostic radiology facilities.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 21 Food and Drugs 8 2013-04-01 2013-04-01 false Recommendation for quality assurance programs in... Recommendations § 1000.55 Recommendation for quality assurance programs in diagnostic radiology facilities. (a) Applicability. Quality assurance programs as described in paragraph (c) of this section are recommended for all...

21 CFR 1000.55 - Recommendation for quality assurance programs in diagnostic radiology facilities.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 21 Food and Drugs 8 2014-04-01 2014-04-01 false Recommendation for quality assurance programs in... Recommendations § 1000.55 Recommendation for quality assurance programs in diagnostic radiology facilities. (a) Applicability. Quality assurance programs as described in paragraph (c) of this section are recommended for all...

Rationale and Development of a Security Assurance Index with Application toward the Development of a World Risk Index

DOE Office of Scientific and Technical Information (OSTI.GOV)

M. M. Plum; G. A. Beitel, PhD

Assurance categories were previously developed to support the Department of Homeland Security’s efforts in the mitigation of Cyber Control System events. Defined according to the risk of life and economic loss, the minimum range is designated by policy, whereas the maximum limit seems to be constrained only by limits and interdependencies of the event. Use of this life / assets scale has proven to be helpful in managing risk due to the scale's ease of use, communication, and understanding. Suggestions have been made that this scale could be applied to all events of terror, disaster, and calamity of an internationalmore » scale, with equally good results. This paper presents the history of some existing scales of disaster and assurance, the rationale behind the development of the original Security Assurance Index, and our proposed scale of disaster and calamity as a World Risk Index.« less

Status of Iran's nuclear program and negotiations

DOE Office of Scientific and Technical Information (OSTI.GOV)

Albright, David

2014-05-09

Iran's nuclear program poses immense challenges to international security. Its gas centrifuge program has grown dramatically in the last several years, bringing Iran close to a point where it could produce highly enriched uranium in secret or declared gas centrifuge plants before its breakout would be discovered and stopped. To reduce the risk posed by Iran's nuclear program, the P5+1 have negotiated with Iran short term limits on the most dangerous aspects of its nuclear programs and is negotiating long-term arrangements that can provide assurance that Iran will not build nuclear weapons. These long-term arrangements need to include a farmore » more limited and transparent Iranian nuclear program. In advance of arriving at a long-term arrangement, the IAEA will need to resolve its concerns about the alleged past and possibly on-going military dimensions of Iran's nuclear program.« less

Building Assured Systems Framework

DTIC Science & Technology

2010-09-01

of standards such as ISO 27001 as frameworks [NASCIO 2009]. In this context, a framework is a standard intended to assist in auditing and compliance...Information Security ISO /IEC 27004 Information technology – Security techniques - Information security management measurement ISO /IEC 15939, System and

48 CFR 239.7102-1 - General.

Code of Federal Regulations, 2010 CFR

2010-10-01

..., DEPARTMENT OF DEFENSE SPECIAL CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Security and Privacy for Computer Systems 239.7102-1 General. (a) Agencies shall ensure that information assurance is... include— (1) The National Security Act; (2) The Clinger-Cohen Act; (3) National Security...

48 CFR 239.7102-1 - General.

Code of Federal Regulations, 2014 CFR

2014-10-01

..., DEPARTMENT OF DEFENSE SPECIAL CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Security and Privacy for Computer Systems 239.7102-1 General. (a) Agencies shall ensure that information assurance is... include— (1) The National Security Act; (2) The Clinger-Cohen Act; (3) National Security...

48 CFR 239.7102-1 - General.

Code of Federal Regulations, 2013 CFR

2013-10-01

..., DEPARTMENT OF DEFENSE SPECIAL CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Security and Privacy for Computer Systems 239.7102-1 General. (a) Agencies shall ensure that information assurance is... include— (1) The National Security Act; (2) The Clinger-Cohen Act; (3) National Security...

48 CFR 239.7102-1 - General.

Code of Federal Regulations, 2012 CFR

2012-10-01

..., DEPARTMENT OF DEFENSE SPECIAL CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Security and Privacy for Computer Systems 239.7102-1 General. (a) Agencies shall ensure that information assurance is... include— (1) The National Security Act; (2) The Clinger-Cohen Act; (3) National Security...

48 CFR 239.7102-1 - General.

Code of Federal Regulations, 2011 CFR

2011-10-01

..., DEPARTMENT OF DEFENSE SPECIAL CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Security and Privacy for Computer Systems 239.7102-1 General. (a) Agencies shall ensure that information assurance is... include— (1) The National Security Act; (2) The Clinger-Cohen Act; (3) National Security...

23 CFR 637.207 - Quality assurance program.

Code of Federal Regulations, 2012 CFR

2012-04-01

... program. (a) Each STD's quality assurance program shall provide for an acceptance program and an independent assurance (IA) program consisting of the following: (1) Acceptance program. (i) Each STD's... STD shall establish a dispute resolution system. The dispute resolution system shall address the...

23 CFR 637.207 - Quality assurance program.

Code of Federal Regulations, 2014 CFR

2014-04-01

... program. (a) Each STD's quality assurance program shall provide for an acceptance program and an independent assurance (IA) program consisting of the following: (1) Acceptance program. (i) Each STD's... STD shall establish a dispute resolution system. The dispute resolution system shall address the...

23 CFR 637.207 - Quality assurance program.

Code of Federal Regulations, 2013 CFR

2013-04-01

... program. (a) Each STD's quality assurance program shall provide for an acceptance program and an independent assurance (IA) program consisting of the following: (1) Acceptance program. (i) Each STD's... STD shall establish a dispute resolution system. The dispute resolution system shall address the...

DoD Nuclear Weapons Personnel Reliability Assurance

DTIC Science & Technology

2016-04-27

destructive power, and the potential consequences of an accident or unauthorized act. Assured nuclear weapons safety, security, and control remain of...DOD INSTRUCTION 5210.42 DOD NUCLEAR WEAPONS PERSONNEL RELIABILITY ASSURANCE Originating Component: Office of the Under Secretary of...from the DoD Issuances Website at http://www.dtic.mil/whs/directives. Reissues and renames: DoD Instruction 5210.42, “ Nuclear Weapons Personnel

Soviet Military Objectives in the Artic Theater and How They Might be Attained

DTIC Science & Technology

1986-09-01

on NATO’s Northern Flank," Armed Forces Journal International, April 1984, 88 ff.; Roy Breivik , "Assuring the Security of Reinforcements to Norway...Publishing Co., 1985), 72-78 passim; Patrick Wall, "The Importance of NATO’s North- em Flank," Defence, vol. 10, no. 1 (January 1979), 9-11. 48. The...Ellingsen, Militaerbalansen 1983-1984; Breivik , "Assuring the Security of Rein- forcements to Norway," 66. 50. The reinforcements include a

10 CFR 71.105 - Quality assurance program.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 10 Energy 2 2010-01-01 2010-01-01 false Quality assurance program. 71.105 Section 71.105 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) PACKAGING AND TRANSPORTATION OF RADIOACTIVE MATERIAL Quality Assurance § 71.105 Quality assurance program. (a) The licensee, certificate holder, and applicant for a CoC...

10 CFR 63.144 - Quality assurance program change.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 10 Energy 2 2011-01-01 2011-01-01 false Quality assurance program change. 63.144 Section 63.144 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) DISPOSAL OF HIGH-LEVEL RADIOACTIVE WASTES IN A GEOLOGIC... assurance program information that duplicates language in quality assurance regulatory guides and quality...

A Guide to Understanding Security Testing and Test Documentation in Trusted Systems, Version 1

DTIC Science & Technology

1993-07-01

necessary to allow the testing of access with all other types of objects. The above test data also provide partial coverage because they de not include...two types of assurance are needed. They are life-cycle assurance and operational assurance. "Life-cycle assurance refers to steps taken by an...procedures depends to a certain extent on the nature of the TCB interface under test. For example, for most TCB-primitive tests that require the same type

Automated generation of a World Wide Web-based data entry and check program for medical applications.

PubMed

Kiuchi, T; Kaihara, S

1997-02-01

The World Wide Web-based form is a promising method for the construction of an on-line data collection system for clinical and epidemiological research. It is, however, laborious to prepare a common gateway interface (CGI) program for each project, which the World Wide Web server needs to handle the submitted data. In medicine, it is even more laborious because the CGI program must check deficits, type, ranges, and logical errors (bad combination of data) of entered data for quality assurance as well as data length and meta-characters of the entered data to enhance the security of the server. We have extended the specification of the hypertext markup language (HTML) form to accommodate information necessary for such data checking and we have developed software named AUTOFORM for this purpose. The software automatically analyzes the extended HTML form and generates the corresponding ordinary HTML form, 'Makefile', and C source of CGI programs. The resultant CGI program checks the entered data through the HTML form, records them in a computer, and returns them to the end-user. AUTOFORM drastically reduces the burden of development of the World Wide Web-based data entry system and allows the CGI programs to be more securely and reliably prepared than had they been written from scratch.

10 CFR 72.144 - Quality assurance program.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 10 Energy 2 2010-01-01 2010-01-01 false Quality assurance program. 72.144 Section 72.144 Energy... NUCLEAR FUEL, HIGH-LEVEL RADIOACTIVE WASTE, AND REACTOR-RELATED GREATER THAN CLASS C WASTE Quality Assurance § 72.144 Quality assurance program. (a) The licensee, applicant for a license, certificate holder...

43 CFR 2.51 - Assuring integrity of records.

Code of Federal Regulations, 2011 CFR

2011-10-01

... on those recommended in the National Bureau of Standard's booklet “Computer Security Guidelines for..., technical and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which could result in...

43 CFR 2.51 - Assuring integrity of records.

Code of Federal Regulations, 2010 CFR

2010-10-01

... on those recommended in the National Bureau of Standard's booklet “Computer Security Guidelines for..., technical and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which could result in...

43 CFR 2.51 - Assuring integrity of records.

Code of Federal Regulations, 2012 CFR

2012-10-01

... on those recommended in the National Bureau of Standard's booklet “Computer Security Guidelines for..., technical and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which could result in...

43 CFR 2.226 - Assuring integrity of records.

Code of Federal Regulations, 2014 CFR

2014-10-01

... on those recommended in the National Bureau of Standard's booklet “Computer Security Guidelines for..., technical and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which could result in...

43 CFR 2.226 - Assuring integrity of records.

Code of Federal Regulations, 2013 CFR

2013-10-01

... on those recommended in the National Bureau of Standard's booklet “Computer Security Guidelines for..., technical and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which could result in...

High Assurance Models for Secure Systems

ERIC Educational Resources Information Center

Almohri, Hussain M. J.

2013-01-01

Despite the recent advances in systems and network security, attacks on large enterprise networks consistently impose serious challenges to maintaining data privacy and software service integrity. We identify two main problems that contribute to increasing the security risk in a networked environment: (i) vulnerable servers, workstations, and…

Effective information management and assurance for a modern organisation during a crisis.

PubMed

MacLeod, Andrew

2015-01-01

During a crisis, organisations face a major unpredictable event with potentially negative consequences. Effective information management and assurance can assist the organisation in making sure that they have the correct information in a secure format to make decisions to recover their operations. The main elements of effective information management and assurance are confidentiality, integrity and availability, combined with non-repudiation. Should an element of effective information management or assurance be removed it can have a detrimental effect on the other elements and render the information management and assurance practices of the organisation ineffectual.

Assurance Evaluation for OSS Adoption in a Telco Context

NASA Astrophysics Data System (ADS)

Ardagna, Claudio A.; Banzi, Massimo; Damiani, Ernesto; El Ioini, Nabil; Frati, Fulvio

Software Assurance (SwA) is a complex concept that involves different stages of a software development process and may be defined differently depending on its focus, as for instance software quality, security, or dependability. In Computer Science, the term assurance is referred to all activities necessary to provide enough confidence that a software product will satisfy its users’ functional and non-functional requirements.

A Study on the Interrelations between the Security-Related Antecedents of Customers' Online Trust

NASA Astrophysics Data System (ADS)

Peikari, Hamid Reza

Despite the wide attention of previous studies to explore the influence of different security-related factors on customers' online trust, the interrelations between such factors and their direct and indirect influences on customers' trust have been neglected. This study investigates the direct and indirect interrelations between the factors authentication, encryption, technical protection and externally provided assurances including third party security and privacy seals with customers' trust in the business-to-customer (B2C) environment. The data was collected from 238 respondents and after the test of reliability and validity of the scale, the hypotheses were tested using structural equation modeling. The results showed that customers' perception of encryption and authentication mechanisms implemented by a Website have a positive significant influence on their perceived technical protection while technical protection was found to significantly influence customers' trust to the Website. However, the analysis did not find any relation between the third party assurance and customers' trust, indicating that despite the high expenses companies involve to obtain such assurances from reputed third parties, such mechanisms and assurances do not have any direct or indirect significant influence on customers' trust; which raises questions on the value of such mechanisms .finally, after discussing the findings and implication of this study for both academic and business worlds, suggestions for future studies were made to have a better understanding of the dimensions of the interrelations between the security-related factors.

LANL Contributions to the B61 LIfe Extension Program

DOE Office of Scientific and Technical Information (OSTI.GOV)

Corpion, Juan Carlos

2016-02-10

The Los Alamos National Laboratory (LANL) has a long, proud heritage in science and innovation that extends 70 years. Although the Laboratory’s primary responsibility is assuring the safety and reliability of the nation’s nuclear deterrent, Laboratory staff work on a broad range of advanced technologies to provide the best, most effective scientific and engineering solutions to the nation’s critical security challenges. The world is rapidly changing, but this essential responsibility remains the LANL’s core mission. LANL is the Design Laboratory for the nuclear explosive package of the B61 Air Force bomb. The B61-12 Life Extension Program (LEP) activities at LANLmore » will increase the lifetime of the bomb and provide safety and security options to meet security environments both today and in the future. The B61’s multiple-platform functionality, unique safety features, and large number of components make the B61-12 LEP one of the most complex LEPs ever attempted. Over 230 LANL scientists, engineers, technicians, and support personnel from across the Laboratory are bringing decades of interdisciplinary knowledge, technical expertise, and leading-edge capabilities to LANL’s work on the LEP.« less

36 CFR 1008.6 - Assuring integrity of records.

Code of Federal Regulations, 2012 CFR

2012-07-01

... shall be maintained in a secure manner commensurate with the sensitivity of the information contained in the system of records. The Privacy Act Officer will periodically review these security measures to...

36 CFR 1008.6 - Assuring integrity of records.

Code of Federal Regulations, 2011 CFR

2011-07-01

... shall be maintained in a secure manner commensurate with the sensitivity of the information contained in the system of records. The Privacy Act Officer will periodically review these security measures to...

36 CFR 1008.6 - Assuring integrity of records.

Code of Federal Regulations, 2014 CFR

2014-07-01

... shall be maintained in a secure manner commensurate with the sensitivity of the information contained in the system of records. The Privacy Act Officer will periodically review these security measures to...

10 CFR 71.37 - Quality assurance.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 10 Energy 2 2010-01-01 2010-01-01 false Quality assurance. 71.37 Section 71.37 Energy NUCLEAR... Package Approval § 71.37 Quality assurance. (a) The applicant shall describe the quality assurance program... quality assurance program that are applicable to the particular package design under consideration...

CrossTalk: The Journal of Defense Software Engineering. Volume 20, Number 5, May 2007

DTIC Science & Technology

2007-05-01

zation Program. Washington: GSA, DoD, and NASA , 2005 <http:// www.arnet.gov/far/>. 11. Department of Commerce. NIST. FIPS Pub 200, Minimum Security...on this Web site. The NASA Goddard Space Flight Center (GSFC) SwA http://sw-assurance.gsfc.nasa.gov The NASA GSFC SwA Web site pro- vides tools...OCT2006 c STAR WARS TO STAR TREK NOV2006 c MANAGEMENT BASICS DEC2006 c REQUIREMENTS ENG. JAN2007 c PUBLISHER’S CHOICE FEB2007 c CMMI MAR2007 c

25 CFR 43.22 - Assuring integrity of records.

Code of Federal Regulations, 2011 CFR

2011-04-01

..., “Computer Security Guidelines for Implementing the Privacy Act of 1974” (May 30, 1975), and any supplements... with appropriate administrative, technical and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or...

25 CFR 43.22 - Assuring integrity of records.

Code of Federal Regulations, 2013 CFR

2013-04-01

..., “Computer Security Guidelines for Implementing the Privacy Act of 1974” (May 30, 1975), and any supplements... with appropriate administrative, technical and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or...

25 CFR 43.22 - Assuring integrity of records.

Code of Federal Regulations, 2010 CFR

2010-04-01

..., “Computer Security Guidelines for Implementing the Privacy Act of 1974” (May 30, 1975), and any supplements... with appropriate administrative, technical and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or...

25 CFR 43.22 - Assuring integrity of records.

Code of Federal Regulations, 2012 CFR

2012-04-01

..., “Computer Security Guidelines for Implementing the Privacy Act of 1974” (May 30, 1975), and any supplements... appropriate administrative, technical and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which...

25 CFR 43.22 - Assuring integrity of records.

Code of Federal Regulations, 2014 CFR

2014-04-01

..., “Computer Security Guidelines for Implementing the Privacy Act of 1974” (May 30, 1975), and any supplements... with appropriate administrative, technical and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or...

What's in a Name?

ERIC Educational Resources Information Center

Petersen, Rodney

2004-01-01

The evolution of terms, such as computer security, network security, information security, and information assurance, appears to reflect a changing landscape, largely influenced by rapid developments in technology and the maturity of a relatively young profession and an emerging academic discipline. What lies behind the evolution of these terms?…

Automotive Stirling engine Market and Industrial Readiness Program (MIRP), phase 1

NASA Astrophysics Data System (ADS)

1982-05-01

A program, begun in 1978, has the goal of transferring Stirling engine technology from United Stirling of Sweden to the US and, then, following design, fabrication, and prototype testing, to secure US manufacturers for the engine. The ultimate objective is the large-scale commercial use of the Automotive Stirling Engine (ASE) by the year 2000. The fist phase of the Market and Industrial Readiness Program for the ASE was concerned with defining the market, product, economic and technical factors necessary to be addressed to assure a reasonable chance of ultimate commercial acceptance. Program results for this first phase are reported and discussed. These results pertain to licensing strategy development, economic analysis, market factors, product planning, market growth, cost studies, and engine performance as measured by fuel economy using conventional fuels and by vehicle speed and acceleration characteristics.

QUALITY ASSURANCE AND QUALITY CONTROL FOR WASTE CONTAINMENT FACILITIES. Project Summary

EPA Science Inventory

It is generally agreed that both quality assurance (QA) and quality control (QC) are essential to the proper installation and eventual performance of environmentally safe and secure waste containment systems. Even further, there are both manufacturing and construction aspects to...

76 FR 32333 - Approval and Promulgation of Air Quality Implementation Plans; Pennsylvania; Revision to the...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-06-06

... duration of the timing of quality assurance audits performed by the Pennsylvania Department of...) Program--Quality Assurance Protocol for the Safety Inspection Program in Non-I/M Counties AGENCY... quality assurance program for its motor vehicle inspection and maintenance program (I/M program...

Using software security analysis to verify the secure socket layer (SSL) protocol

NASA Technical Reports Server (NTRS)

Powell, John D.

2004-01-01

nal Aeronautics and Space Administration (NASA) have tens of thousands of networked computer systems and applications. Software Security vulnerabilities present risks such as lost or corrupted data, information the3, and unavailability of critical systems. These risks represent potentially enormous costs to NASA. The NASA Code Q research initiative 'Reducing Software Security Risk (RSSR) Trough an Integrated Approach '' offers, among its capabilities, formal verification of software security properties, through the use of model based verification (MBV) to address software security risks. [1,2,3,4,5,6] MBV is a formal approach to software assurance that combines analysis of software, via abstract models, with technology, such as model checkers, that provide automation of the mechanical portions of the analysis process. This paper will discuss: The need for formal analysis to assure software systems with respect to software and why testing alone cannot provide it. The means by which MBV with a Flexible Modeling Framework (FMF) accomplishes the necessary analysis task. An example of FMF style MBV in the verification of properties over the Secure Socket Layer (SSL) communication protocol as a demonstration.

36 CFR § 1008.6 - Assuring integrity of records.

Code of Federal Regulations, 2013 CFR

2013-07-01

... Privacy Act shall be maintained in a secure manner commensurate with the sensitivity of the information contained in the system of records. The Privacy Act Officer will periodically review these security measures...

Common Criteria related security design patterns--validation on the intelligent sensor example designed for mine environment.

PubMed

Bialas, Andrzej

2010-01-01

The paper discusses the security issues of intelligent sensors that are able to measure and process data and communicate with other information technology (IT) devices or systems. Such sensors are often used in high risk applications. To improve their robustness, the sensor systems should be developed in a restricted way to provide them with assurance. One of assurance creation methodologies is Common Criteria (ISO/IEC 15408), used for IT products and systems. The contribution of the paper is a Common Criteria compliant and pattern-based method for the intelligent sensors security development. The paper concisely presents this method and its evaluation for the sensor detecting methane in a mine, focusing on the security problem of the intelligent sensor definition and solution. The aim of the validation is to evaluate and improve the introduced method.

Stable operation of a Secure QKD system in the real-world setting

NASA Astrophysics Data System (ADS)

Tomita, Akihisa

2007-06-01

Quantum Key Distribution (QKD) now steps forward from the proof of principle to the validation of the practical feasibility. Nevertheless, the QKD technology should respond to the challenges from the real-world such as stable operation against the fluctuating environment, and security proof under the practical setting. We report our recent progress on stable operation of a QKD system, and key generation with security assurance. A QKD system should robust to temperature fluctuation in a common office environment. We developed a loop-mirror, a substitution of a Faraday mirror, to allow easy compensation for the temperature dependence of the device. Phase locking technique was also employed to synchronize the system clock to the quantum signals. This technique is indispensable for the transmission system based on the installed fiber cables, which stretch and shrink due to the temperature change. The security proof of QKD, however, has assumed the ideal conditions, such as the use of a genuine single photon source and/or unlimited computational resources. It has been highly desirable to give an assurance of security for practical systems, where the ideal conditions are no longer satisfied. We have constructed a theory to estimate the leakage information on the transmitted key under the practically attainable conditions, and have developed a QKD system equipped with software for secure key distillation. The QKD system generates the final key at the rate of 2000 bps after 20 km fiber transmission. Eavesdropper's information on the final key is guaranteed to be less than 2-7 per bit. This is the first successful generation of the secure key with quantitative assurance of the upper bound of the leakage information. It will put forth the realization of highly secure metropolitan optical communication network against any types of eavesdropping.

Nonmethane organic compound monitoring program. Final report 1988. Volume 2. Urban air toxics monitoring program

DOE Office of Scientific and Technical Information (OSTI.GOV)

McAllister, R.A.; Moore, W.H.; Rice, J.

1989-04-01

From October, 1987 to October, 1988 samples of ambient air were collected at 19 sites in the eastern part of the U.S. Every 12 days, air was integrated over 24-hour periods into passivated stainless steel canisters. Simultaneously, air was drawn through cartridges containing dinitrophenylhydrazine to collect carbonyl compounds. The samples were analyzed at a central laboratory for a total of 37 halogenated and aromatic hydrocarbons, formaldehyde, acetaldehyde, and other oxygenated species. The hydrocarbon species were analyzed by gas chromatography/multiple detectors and gas chromatography/mass spectrometry, while the carbonyl species were analyzed by liquid chromatography. An extensive quality assurance program was carriedmore » on to secure high quality data. Complete data for all the hydrocarbon samples are presented in the report.« less

A Formal Integrity Framework with Application to a Secure Information ATM (SIATM)

DTIC Science & Technology

2012-10-01

work on Integrity and resultant implementations seems to have focussed more on a matters related to source authentication and transmission assurance...to have focussed more on a matters related to source authentication and transmission assurance. However, the quality of data aspect is becoming more...implementations seems to have focussed more on matters related to source authentication and transmission assur- ance, for which there is a

A Computational Model and Multi-Agent Simulation for Information Assurance

DTIC Science & Technology

2002-06-01

Podell , Information Security: an Integrated Collection of Essays, IEEE Computer Society Press, Los Alamitos, CA, 1994. Brinkley, D. L. and Schell, R...R., “What is There to Worry About? An Introduction to the Computer Security Problem,” ed. Abrams and Jajodia and Podell , Information Security: an

48 CFR 239.7102-3 - Information assurance contractor training and certification.

Code of Federal Regulations, 2011 CFR

2011-10-01

... ACQUISITION OF INFORMATION TECHNOLOGY Security and Privacy for Computer Systems 239.7102-3 Information..., certification maintenance, and continuing education or sustainment training required for the information... 48 Federal Acquisition Regulations System 3 2011-10-01 2011-10-01 false Information assurance...

48 CFR 239.7102-3 - Information assurance contractor training and certification.

Code of Federal Regulations, 2014 CFR

2014-10-01

... ACQUISITION OF INFORMATION TECHNOLOGY Security and Privacy for Computer Systems 239.7102-3 Information..., certification maintenance, and continuing education or sustainment training required for the information... 48 Federal Acquisition Regulations System 3 2014-10-01 2014-10-01 false Information assurance...

48 CFR 239.7102-3 - Information assurance contractor training and certification.

Code of Federal Regulations, 2012 CFR

2012-10-01

... ACQUISITION OF INFORMATION TECHNOLOGY Security and Privacy for Computer Systems 239.7102-3 Information..., certification maintenance, and continuing education or sustainment training required for the information... 48 Federal Acquisition Regulations System 3 2012-10-01 2012-10-01 false Information assurance...

48 CFR 239.7102-3 - Information assurance contractor training and certification.

Code of Federal Regulations, 2013 CFR

2013-10-01

... ACQUISITION OF INFORMATION TECHNOLOGY Security and Privacy for Computer Systems 239.7102-3 Information..., certification maintenance, and continuing education or sustainment training required for the information... 48 Federal Acquisition Regulations System 3 2013-10-01 2013-10-01 false Information assurance...

48 CFR 239.7102-3 - Information assurance contractor training and certification.

Code of Federal Regulations, 2010 CFR

2010-10-01

... ACQUISITION OF INFORMATION TECHNOLOGY Security and Privacy for Computer Systems 239.7102-3 Information..., certification maintenance, and continuing education or sustainment training required for the information... 48 Federal Acquisition Regulations System 3 2010-10-01 2010-10-01 false Information assurance...

Standard procedures and quality-control practices for the U.S. Geological Survey National Field Quality Assurance Program from 1982 through 1993

USGS Publications Warehouse

Stanley, D.L.

1995-01-01

The U.S. Geological Survey operates the National Field Quality Assurance Program to provide quality- assurance reference samples to field personnel who make water-quality field measurements. The program monitors the accuracy and precision of pH, specific conductance, and alkalinity field measurements. This report documents the operational procedures and quality-control techniques used in operating the quality-assurance program.

Preparing Information Systems (IS) Graduates to Meet the Challenges of Global IT Security: Some Suggestions

ERIC Educational Resources Information Center

Sauls, Jeff; Gudigantala, Naveen

2013-01-01

Managing IT security and assurance is a top priority for organizations. Aware of the costs associated with a security or privacy breach, organizations are constantly vigilant about protecting their data and IT systems. In addition, organizations are investing heavily in IT resources to keep up with the challenges of managing their IT security and…

Developing and theoretically justifying innovative organizational practices in health information assurance

NASA Astrophysics Data System (ADS)

Collmann, Jeff R.

2003-05-01

This paper justifies and explains current efforts in the Military Health System (MHS) to enhance information assurance in light of the sociological debate between "Normal Accident" (NAT) and "High Reliability" (HRT) theorists. NAT argues that complex systems such as enterprise health information systems display multiple, interdependent interactions among diverse parts that potentially manifest unfamiliar, unplanned, or unexpected sequences that operators may not perceive or immediately understand, especially during emergencies. If the system functions rapidly with few breaks in time, space or process development, the effects of single failures ramify before operators understand or gain control of the incident thus producing catastrophic accidents. HRT counters that organizations with strong leadership support, continuous training, redundant safety features and "cultures of high reliability" contain the effects of component failures even in complex, tightly coupled systems. Building highly integrated, enterprise-wide computerized health information management systems risks creating the conditions for catastrophic breaches of data security as argued by NAT. The data security regulations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) implicitly depend on the premises of High Reliability Theorists. Limitations in HRT thus have implications for both safe program design and compliance efforts. MHS and other health care organizations should consider both NAT and HRT when designing and deploying enterprise-wide computerized health information systems.

75 FR 30159 - Automatic Dependent Surveillance-Broadcast (ADS-B) Out Performance Requirements To Support Air...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-05-28

...--Experimental Aircraft Association ELT--Emergency Locator Transmitter ES--Extended Squitter EUROCAE--European...--Security Certification and Accreditation Procedures SDA--System Design Assurance SIL--Source Integrity.... Surveillance Integrity Level 6. Source Integrity Level (SIL) and System Design Assurance (SDA) 7. Secondary...

48 CFR 3046.702 - [Reserved

Code of Federal Regulations, 2010 CFR

2010-10-01

... 48 Federal Acquisition Regulations System 7 2010-10-01 2010-10-01 false [Reserved] 3046.702 Section 3046.702 Federal Acquisition Regulations System DEPARTMENT OF HOMELAND SECURITY, HOMELAND SECURITY ACQUISITION REGULATION (HSAR) CONTRACT MANAGEMENT QUALITY ASSURANCE Warranties 3046.702 [Reserved] ...

77 FR 70493 - Proposed Collection; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2012-11-26

... of certain Canadian issuers under the Securities Act of 1933 (15 U.S.C. 77a et seq.) that will be... securities law requirements and assures the public availability of such information. We estimate that Form F...

Common Criteria Related Security Design Patterns—Validation on the Intelligent Sensor Example Designed for Mine Environment

PubMed Central

Bialas, Andrzej

2010-01-01

The paper discusses the security issues of intelligent sensors that are able to measure and process data and communicate with other information technology (IT) devices or systems. Such sensors are often used in high risk applications. To improve their robustness, the sensor systems should be developed in a restricted way to provide them with assurance. One of assurance creation methodologies is Common Criteria (ISO/IEC 15408), used for IT products and systems. The contribution of the paper is a Common Criteria compliant and pattern-based method for the intelligent sensors security development. The paper concisely presents this method and its evaluation for the sensor detecting methane in a mine, focusing on the security problem of the intelligent sensor definition and solution. The aim of the validation is to evaluate and improve the introduced method. PMID:22399888

Planning for Effective Security at Campus Special Events.

ERIC Educational Resources Information Center

Bromley, Max L.

1984-01-01

Factors to consider in assuring security for student events on campus are discussed, based on the experience of the University of South Florida, which has developed, tested, and critiqued a system of planning security. Even though special events vary significantly in type and purpose, some questions should be answered in advance, with the…

The Employee Retirement Income Security Act of 1974: Policies and Problems

ERIC Educational Resources Information Center

Alperin, Stuart N.; And Others

1975-01-01

Congress enacted the Employment Retirement Income Security Act of 1974 (ERISA) to help assure economic security in retirement. This analysis includes description of the growth, operation, and inequities within the private pension system and analysis of ERISA: (1) participation, vesting and joint and survivor annuities; (2) funding and plan…

48 CFR 2146.270 - FEGLI Program quality assurance requirements.

Code of Federal Regulations, 2013 CFR

2013-10-01

... MANAGEMENT, FEDERAL EMPLOYEES GROUP LIFE INSURANCE FEDERAL ACQUISITION REGULATION CONTRACT MANAGEMENT QUALITY ASSURANCE Contract Quality Requirements 2146.270 FEGLI Program quality assurance requirements. (a) The... 48 Federal Acquisition Regulations System 6 2013-10-01 2013-10-01 false FEGLI Program quality...

48 CFR 2146.270 - FEGLI Program quality assurance requirements.

Code of Federal Regulations, 2014 CFR

2014-10-01

... MANAGEMENT, FEDERAL EMPLOYEES GROUP LIFE INSURANCE FEDERAL ACQUISITION REGULATION CONTRACT MANAGEMENT QUALITY ASSURANCE Contract Quality Requirements 2146.270 FEGLI Program quality assurance requirements. (a) The... 48 Federal Acquisition Regulations System 6 2014-10-01 2014-10-01 false FEGLI Program quality...

48 CFR 2146.270 - FEGLI Program quality assurance requirements.

Code of Federal Regulations, 2012 CFR

2012-10-01

... MANAGEMENT, FEDERAL EMPLOYEES GROUP LIFE INSURANCE FEDERAL ACQUISITION REGULATION CONTRACT MANAGEMENT QUALITY ASSURANCE Contract Quality Requirements 2146.270 FEGLI Program quality assurance requirements. (a) The... 48 Federal Acquisition Regulations System 6 2012-10-01 2012-10-01 false FEGLI Program quality...

48 CFR 2146.270 - FEGLI Program quality assurance requirements.

Code of Federal Regulations, 2011 CFR

2011-10-01

... MANAGEMENT, FEDERAL EMPLOYEES GROUP LIFE INSURANCE FEDERAL ACQUISITION REGULATION CONTRACT MANAGEMENT QUALITY ASSURANCE Contract Quality Requirements 2146.270 FEGLI Program quality assurance requirements. (a) The... 48 Federal Acquisition Regulations System 6 2011-10-01 2011-10-01 false FEGLI Program quality...

48 CFR 2146.270 - FEGLI Program quality assurance requirements.

Code of Federal Regulations, 2010 CFR

2010-10-01

... MANAGEMENT, FEDERAL EMPLOYEES GROUP LIFE INSURANCE FEDERAL ACQUISITION REGULATION CONTRACT MANAGEMENT QUALITY ASSURANCE Contract Quality Requirements 2146.270 FEGLI Program quality assurance requirements. (a) The... 48 Federal Acquisition Regulations System 6 2010-10-01 2010-10-01 true FEGLI Program quality...

Addressing software security risk mitigations in the life cycle

NASA Technical Reports Server (NTRS)

Gilliam, David; Powell, John; Haugh, Eric; Bishop, Matt

2003-01-01

The NASA Office of Safety and Mission Assurance (OSMA) has funded the Jet Propulsion Laboratory (JPL) with a Center Initiative, 'Reducing Software Security Risk through an Integrated Approach' (RSSR), to address this need. The Initiative is a formal approach to addressing software security in the life cycle through the instantiation of a Software Security Assessment Instrument (SSAI) for the development and maintenance life cycles.

Organizational Culture and Safety

NASA Technical Reports Server (NTRS)

Adams, Catherine A.

2003-01-01

'..only a fool perseveres in error.' Cicero. Humans will break the most advanced technological devices and override safety and security systems if they are given the latitude. Within the workplace, the operator may be just one of several factors in causing accidents or making risky decisions. Other variables considered for their involvement in the negative and often catastrophic outcomes include the organizational context and culture. Many organizations have constructed and implemented safety programs to be assimilated into their culture to assure employee commitment and understanding of the importance of everyday safety. The purpose of this paper is to examine literature on organizational safety cultures and programs that attempt to combat vulnerability, risk taking behavior and decisions and identify the role of training in attempting to mitigate unsafe acts.

Urban Air Toxics Monitoring Program, 1989

DOE Office of Scientific and Technical Information (OSTI.GOV)

McAllister, R.A.; Moore, W.H.; Rice, J.

1990-10-01

From January 1989 through January 1990 samples of ambient air were collected at 14 sites in the eastern part of the U.S. Every 12 days, air was integrated over 24-hour periods into passivated stainless steel canisters. Simultaneously, air was drawn through cartridges containing dinitrophenylhydrazine to collect carbonyl compounds. The samples were analyzed at a central laboratory for a total of 37 halogenated and aromatic hydrocarbons, formaldehyde, acetaldehyde, and other oxygenated species. The hydrocarbon species were analyzed by gas chromatography/multiple detectors and gas chromatography/mass spectrometry, while the carbonyl species were analyzed by liquid chromatography. An extensive quality assurance program was carriedmore » on to secure high quality data. Complete data for all the carbonyl samples are presented in the report.« less

Quality assurance program for isotopic power systems

NASA Astrophysics Data System (ADS)

Hannigan, R. L.; Harnar, R. R.

1982-12-01

The Sandia National Laboratories Quality Assurance Program that applies to non-weapon (reimbursable) Radioisotopic Thermoelectric Generators is summarized. The program was implemented over the past 16 years on power supplies used in various space and terrestrial systems. The quality assurance (QA) activity of the program is in support of the Department of Energy, Office of Space Nuclear Projects. Basic elements of the program are described and examples of program documentation are presented.

77 FR 70483 - Request for Comments (RFC)-Federal Cybersecurity Research and Development Strategic Plan

Federal Register 2010, 2011, 2012, 2013, 2014

2012-11-26

... received by December 19, 2012. SUMMARY: This Request For Comments (RFC) is issued by the Cyber Security and... plan was developed under the leadership of the Cyber Security and Information Assurance Research and...

Computer-Aided Sensor Development Focused on Security Issues.

PubMed

Bialas, Andrzej

2016-05-26

The paper examines intelligent sensor and sensor system development according to the Common Criteria methodology, which is the basic security assurance methodology for IT products and systems. The paper presents how the development process can be supported by software tools, design patterns and knowledge engineering. The automation of this process brings cost-, quality-, and time-related advantages, because the most difficult and most laborious activities are software-supported and the design reusability is growing. The paper includes a short introduction to the Common Criteria methodology and its sensor-related applications. In the experimental section the computer-supported and patterns-based IT security development process is presented using the example of an intelligent methane detection sensor. This process is supported by an ontology-based tool for security modeling and analyses. The verified and justified models are transferred straight to the security target specification representing security requirements for the IT product. The novelty of the paper is to provide a patterns-based and computer-aided methodology for the sensors development with a view to achieving their IT security assurance. The paper summarizes the validation experiment focused on this methodology adapted for the sensors system development, and presents directions of future research.

Computer-Aided Sensor Development Focused on Security Issues

PubMed Central

Bialas, Andrzej

2016-01-01

The paper examines intelligent sensor and sensor system development according to the Common Criteria methodology, which is the basic security assurance methodology for IT products and systems. The paper presents how the development process can be supported by software tools, design patterns and knowledge engineering. The automation of this process brings cost-, quality-, and time-related advantages, because the most difficult and most laborious activities are software-supported and the design reusability is growing. The paper includes a short introduction to the Common Criteria methodology and its sensor-related applications. In the experimental section the computer-supported and patterns-based IT security development process is presented using the example of an intelligent methane detection sensor. This process is supported by an ontology-based tool for security modeling and analyses. The verified and justified models are transferred straight to the security target specification representing security requirements for the IT product. The novelty of the paper is to provide a patterns-based and computer-aided methodology for the sensors development with a view to achieving their IT security assurance. The paper summarizes the validation experiment focused on this methodology adapted for the sensors system development, and presents directions of future research. PMID:27240360

Technology Transfer Program (TTP). Quality Assurance System. Volume 2. Appendices

DTIC Science & Technology

1980-03-03

LSCo Report No. - 2X23-5.1-4-I TECHNOLOGY TRANSFER PROGRAM (TTP) FINAL REPORT QUALITY ASSURANCE SYSTEM Appendix A Accuracy Control System QUALITY...4-1 TECHNOLOGY TRANSFER PROGRAM (TTP) FINAL REPORT QUALITY ASSURANCE SYSTEM Appendix A Accuracy Control System QUALITY ASSURANCE VOLUME 2 APPENDICES...prepared by: Livingston Shipbuilding Company Orange, Texas March 3, 1980 APPENDIX A ACCURACY CONTROL SYSTEM . IIII MARINE TECHNOLOGY. INC. HP-121

The Impact of Contextual Factors on the Security of Code

DTIC Science & Technology

2014-12-30

in which a system is resourced, overseen, managed and assured will have a lot to do with how successfully it performs in actual practice. Software is...ensure proper and adequate system assurance . Because of the high degree of skill and specialization required, details about software and systems are...whole has to be carefully coordinated in order to assure against the types of faults that are the basis for most of the exploits listed in the Common

Benchmarking Software Assurance Implementation

DTIC Science & Technology

2011-05-18

product The chicken#. (a.k.a. Process Focused Assessment ) – Management Systems ( ISO 9001, ISO 27001 , ISO 2000) – Capability Maturity Models (CMMI...Assurance PRM, RMM, Assurance for CMMI)) – Lifecycle Processes ( ISO /IEEE 15288, ISO /IEEE 12207) – COBIT, ITIL, MS SDL, OSAMM, BSIMM 5 The egg...a.k.a Product Focused Assessments) – SCAP - NIST-SCAP – ISO /OMG W3C – KDM, BPMN, RIF, XMI, RDF – OWASP Top 10 – SANS TOP 25 – Secure Code Check Lists

10 CFR 830.121 - Quality Assurance Program (QAP).

Code of Federal Regulations, 2010 CFR

2010-01-01

... 10 Energy 4 2010-01-01 2010-01-01 false Quality Assurance Program (QAP). 830.121 Section 830.121 Energy DEPARTMENT OF ENERGY NUCLEAR SAFETY MANAGEMENT Quality Assurance Requirements § 830.121 Quality... the Quality Assurance criteria in § 830.122. (b) The contractor responsible for a DOE nuclear facility...

10 CFR 830.121 - Quality Assurance Program (QAP).

Code of Federal Regulations, 2013 CFR

2013-01-01

... changes continue to satisfy the quality assurance requirements. (4) Conduct work in accordance with the... 10 Energy 4 2013-01-01 2013-01-01 false Quality Assurance Program (QAP). 830.121 Section 830.121 Energy DEPARTMENT OF ENERGY NUCLEAR SAFETY MANAGEMENT Quality Assurance Requirements § 830.121 Quality...

10 CFR 830.121 - Quality Assurance Program (QAP).

Code of Federal Regulations, 2012 CFR

2012-01-01

... changes continue to satisfy the quality assurance requirements. (4) Conduct work in accordance with the... 10 Energy 4 2012-01-01 2012-01-01 false Quality Assurance Program (QAP). 830.121 Section 830.121 Energy DEPARTMENT OF ENERGY NUCLEAR SAFETY MANAGEMENT Quality Assurance Requirements § 830.121 Quality...

10 CFR 830.121 - Quality Assurance Program (QAP).

Code of Federal Regulations, 2011 CFR

2011-01-01

... changes continue to satisfy the quality assurance requirements. (4) Conduct work in accordance with the... 10 Energy 4 2011-01-01 2011-01-01 false Quality Assurance Program (QAP). 830.121 Section 830.121 Energy DEPARTMENT OF ENERGY NUCLEAR SAFETY MANAGEMENT Quality Assurance Requirements § 830.121 Quality...

10 CFR 830.121 - Quality Assurance Program (QAP).

Code of Federal Regulations, 2014 CFR

2014-01-01

... changes continue to satisfy the quality assurance requirements. (4) Conduct work in accordance with the... 10 Energy 4 2014-01-01 2014-01-01 false Quality Assurance Program (QAP). 830.121 Section 830.121 Energy DEPARTMENT OF ENERGY NUCLEAR SAFETY MANAGEMENT Quality Assurance Requirements § 830.121 Quality...

15 CFR 996.33 - Acceptance of program by non-Federal entities.

Code of Federal Regulations, 2014 CFR

2014-01-01

... ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES QUALITY ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES Other Quality Assurance Program Matters... information submitted to NOAA under this Program shall be deemed to be in the public domain, and no...

15 CFR 996.33 - Acceptance of program by non-Federal entities.

Code of Federal Regulations, 2013 CFR

2013-01-01

... ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES QUALITY ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES Other Quality Assurance Program Matters... information submitted to NOAA under this Program shall be deemed to be in the public domain, and no...

15 CFR 996.33 - Acceptance of program by non-Federal entities.

Code of Federal Regulations, 2012 CFR

2012-01-01

... ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES QUALITY ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES Other Quality Assurance Program Matters... information submitted to NOAA under this Program shall be deemed to be in the public domain, and no...

15 CFR 996.33 - Acceptance of program by non-Federal entities.

Code of Federal Regulations, 2011 CFR

2011-01-01

... ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES QUALITY ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES Other Quality Assurance Program Matters... information submitted to NOAA under this Program shall be deemed to be in the public domain, and no...

77 FR 38350 - Self-Regulatory Organizations; Chicago Mercantile Exchange Inc.; Notice of Filing and Order...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-06-27

... Act because it helps to assure the safeguarding of securities and funds which are in its custody or... designated clearing organization; and (iii) the activity relating to the non-security clearing operations of... SECURITIES AND EXCHANGE COMMISSION [Release No. 34-67232; File No. SR-CME-2012-24] Self-Regulatory...

National Security and U.S.-Soviet Relations. Occasional Paper 26.

ERIC Educational Resources Information Center

Clemens, Walter C., Jr.

This paper provides an analytical look at the evolving relationship between the United States and the Soviet Union. The author explores the prospects for international security and advocates a number of policies which would benefit both societies. The first section in the booklet discusses how U.S. security cannot be assured even if the Congress…

Formal Assurance Arguments: A Solution In Search of a Problem?

NASA Technical Reports Server (NTRS)

Graydon, Patrick J.

2015-01-01

An assurance case comprises evidence and argument showing how that evidence supports assurance claims (e.g., about safety or security). It is unsurprising that some computer scientists have proposed formalizing assurance arguments: most associate formality with rigor. But while engineers can sometimes prove that source code refines a formal specification, it is not clear that formalization will improve assurance arguments or that this benefit is worth its cost. For example, formalization might reduce the benefits of argumentation by limiting the audience to people who can read formal logic. In this paper, we present (1) a systematic survey of the literature surrounding formal assurance arguments, (2) an analysis of errors that formalism can help to eliminate, (3) a discussion of existing evidence, and (4) suggestions for experimental work to definitively answer the question.

Restricted access processor - An application of computer security technology

NASA Technical Reports Server (NTRS)

Mcmahon, E. M.

1985-01-01

This paper describes a security guard device that is currently being developed by Computer Sciences Corporation (CSC). The methods used to provide assurance that the system meets its security requirements include the system architecture, a system security evaluation, and the application of formal and informal verification techniques. The combination of state-of-the-art technology and the incorporation of new verification procedures results in a demonstration of the feasibility of computer security technology for operational applications.

LOVE CANAL MONITORING PROGRAM. GCA QA/QC (QUALITY ASSURANCE/QUALITY CONTROL) SUMMARY REPORT

EPA Science Inventory

One of the most important responsibilities of the Love Canal prime contractor was the institution and maintenance of a quality assurance program. An important objective of the quality assurance program was to alert the subcontractors to the importance of high quality work on thei...

Federal Environmental Monitoring: Will the Bubble Burst?

ERIC Educational Resources Information Center

Miller, Stan

1978-01-01

A quality assurance program for environmental monitoring is identified as necesary for the collection of reliable, interchangeable, and legally defensible data. The article defines quality assurance and describes the EPA quality assurance program. (MA)

20 CFR 655.1305 - Assurances and obligations of H-2A employers.

Code of Federal Regulations, 2010 CFR

2010-04-01

..., including employment-related health and safety laws; (2) Provide for or secure housing for those workers who... LABOR TEMPORARY EMPLOYMENT OF FOREIGN WORKERS IN THE UNITED STATES Labor Certification Process for Temporary Agricultural Employment in the United States (H-2A Workers) § 655.1305 Assurances and obligations...

23 CFR Appendix C to Part 1200 - ASSURANCES FOR TEEN TRAFFIC SAFETY PROGRAM

Code of Federal Regulations, 2013 CFR

2013-04-01

... 23 Highways 1 2013-04-01 2013-04-01 false ASSURANCES FOR TEEN TRAFFIC SAFETY PROGRAM C APPENDIX C... STATE HIGHWAY SAFETY GRANT PROGRAMS Pt. 1200, App. C APPENDIX C TO PART 1200—ASSURANCES FOR TEEN TRAFFIC SAFETY PROGRAM State: Fiscal Year: The State has elected to implement a Teen Traffic Safety Program—a...

23 CFR Appendix C to Part 1200 - Assurances for Teen Traffic Safety Program

Code of Federal Regulations, 2014 CFR

2014-04-01

... 23 Highways 1 2014-04-01 2014-04-01 false Assurances for Teen Traffic Safety Program C Appendix C... STATE HIGHWAY SAFETY GRANT PROGRAMS Pt. 1200, App. C Appendix C to Part 1200—Assurances for Teen Traffic Safety Program State: Fiscal Year: The State has elected to implement a Teen Traffic Safety Program—a...

POTENTIAL RADIOACTIVE POLLUTANTS RESULTING FROM EXPANDED ENERGY PROGRAMS

EPA Science Inventory

An effective environmental monitoring program must have a quality assurance component to assure the production of valid data. Quality assurance has many components: calibration standards, standard reference materials, standard reference methods, interlaboratory comparison studies...

48 CFR 3046.790-1 - Scope (USCG).

Code of Federal Regulations, 2014 CFR

2014-10-01

... 48 Federal Acquisition Regulations System 7 2014-10-01 2014-10-01 false Scope (USCG). 3046.790-1 Section 3046.790-1 Federal Acquisition Regulations System DEPARTMENT OF HOMELAND SECURITY, HOMELAND SECURITY ACQUISITION REGULATION (HSAR) CONTRACT MANAGEMENT QUALITY ASSURANCE Warranties 3046.790-1 Scope...

48 CFR 3046.790-1 - Scope (USCG).

Code of Federal Regulations, 2010 CFR

2010-10-01

... 48 Federal Acquisition Regulations System 7 2010-10-01 2010-10-01 false Scope (USCG). 3046.790-1 Section 3046.790-1 Federal Acquisition Regulations System DEPARTMENT OF HOMELAND SECURITY, HOMELAND SECURITY ACQUISITION REGULATION (HSAR) CONTRACT MANAGEMENT QUALITY ASSURANCE Warranties 3046.790-1 Scope...

48 CFR 3046.792 - Cost benefit analysis (USCG).

Code of Federal Regulations, 2010 CFR

2010-10-01

... 48 Federal Acquisition Regulations System 7 2010-10-01 2010-10-01 false Cost benefit analysis (USCG). 3046.792 Section 3046.792 Federal Acquisition Regulations System DEPARTMENT OF HOMELAND SECURITY, HOMELAND SECURITY ACQUISITION REGULATION (HSAR) CONTRACT MANAGEMENT QUALITY ASSURANCE Warranties 3046.792...

36 CFR 1008.6 - Assuring integrity of records.

Code of Federal Regulations, 2010 CFR

2010-07-01

... subject to the Privacy Act be maintained with appropriate administrative, technical and physical...) Records security. Whether maintained in physical or electronic form, records subject to the Privacy Act... the system of records. The Privacy Act Officer will periodically review these security measures to...

Underground Test Area Activity Quality Assurance Plan Nevada National Security Site, Nevada. Revision 1

DOE Office of Scientific and Technical Information (OSTI.GOV)

Farnham, Irene; Krenzien, Susan

This Quality Assurance Plan (QAP) provides the overall quality assurance (QA) requirements and general quality practices to be applied to the U.S. Department of Energy (DOE), National Nuclear Security Administration Nevada Site Office (NNSA/NSO) Underground Test Area (UGTA) activities. The requirements in this QAP are consistent with DOE Order 414.1C, Quality Assurance (DOE, 2005); U.S. Environmental Protection Agency (EPA) Guidance for Quality Assurance Project Plans for Modeling (EPA, 2002); and EPA Guidance on the Development, Evaluation, and Application of Environmental Models (EPA, 2009). NNSA/NSO, or designee, must review this QAP every two years. Changes that do not affect the overallmore » scope or requirements will not require an immediate QAP revision but will be incorporated into the next revision cycle after identification. Section 1.0 describes UGTA objectives, participant responsibilities, and administrative and management quality requirements (i.e., training, records, procurement). Section 1.0 also details data management and computer software requirements. Section 2.0 establishes the requirements to ensure newly collected data are valid, existing data uses are appropriate, and environmental-modeling methods are reliable. Section 3.0 provides feedback loops through assessments and reports to management. Section 4.0 provides the framework for corrective actions. Section 5.0 provides references for this document.« less

76 FR 17159 - Office of New Reactors; Final Interim Staff Guidance on Standard Review Plan, Section 17.4...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-03-28

... Interim Staff Guidance on Standard Review Plan, Section 17.4, ``Reliability Assurance Program'' AGENCY... design reliability assurance program (RAP). This ISG updates the guidance provided to the staff in Standard Review Plan (SRP), Section 17.4, ``Reliability Assurance Program,'' of NUREG-0800, ``Standard...

76 FR 26341 - Medicaid Program; Methods for Assuring Access to Covered Medicaid Services

Federal Register 2010, 2011, 2012, 2013, 2014

2011-05-06

... Medicare & Medicaid Services 42 CFR Part 447 Medicare Program; Methods for Assuring Access to Covered... Services 42 CFR Part 447 [CMS 2328-P] RIN 0938-AQ54 Medicaid Program; Methods for Assuring Access to... design the procedures for enrolling providers of such care, and to set the methods for establishing...

78 FR 54510 - New Entrant Safety Assurance Program Operational Test

Federal Register 2010, 2011, 2012, 2013, 2014

2013-09-04

...-0298] New Entrant Safety Assurance Program Operational Test AGENCY: Federal Motor Carrier Safety...) announces an operational test of procedural changes to the New Entrant Safety Assurance Program. The operational test began in July 2013 and will be in effect for up to 12 months. It is applicable to new entrant...

78 FR 29016 - Establishing Quality Assurance Programs for Packaging Used in Transport of Radioactive Material

Federal Register 2010, 2011, 2012, 2013, 2014

2013-05-16

... Establishing Quality Assurance Programs for Packaging Used in Transport of Radioactive Material AGENCY: Nuclear..., ``Establishing Quality Assurance Programs for Packaging Used in Transport of Radioactive Material.'' This draft... regulations for the packaging and transportation of radioactive material in Part 71 of Title 10 of the Code of...

76 FR 68242 - Self-Regulatory Organizations; Chicago Mercantile Exchange, Inc.; Order Approving Proposed Rule...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-11-03

... securities and funds which are in the custody or control of such clearing agency or for which it is... assure the safeguarding of securities and funds which are in its custody or control or for which it is... SECURITIES AND EXCHANGE COMMISSION [Release No. 34-65655; File No. SR-CME-2011-07] Self-Regulatory...

An Evaluation Methodology for the Usability and Security of Cloud-based File Sharing Technologies

DTIC Science & Technology

2012-09-01

FISMA, ISO 27001 , FIPS 140-2, and ISO 270001) indicate a cloud-based service’s compliance with industry standard security controls, management and...Information Assurance IEEE Institute of Electrical and Electronics Engineers IT Information Technology ITS Insider Threat Study ISO International...effectively, efficiently and with satisfaction” (International Organization for Standardization [ ISO ], 1998). Alternately, information security

Securing your financial future.

PubMed

Kachalia, Parag R

2009-04-01

Securing one's financial future requires dedication and planning. A clear plan must be implemented and continually re-examined to assure an individual remains on track to achieve this security. True success of the plan will be dependent upon taking the appropriate steps to protecting one's assets against unfortunate events along with building assets with a clear end goal in mind. This article will cover the fundamental steps an individual can take to secure their financial future.

TCIA Secure Cyber Critical Infrastructure Modernization.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Keliiaa, Curtis M.

The Sandia National Laboratories (Sandia Labs) tribal cyber infrastructure assurance initiative was developed in response to growing national cybersecurity concerns in the the sixteen Department of Homeland Security (DHS) defined critical infrastructure sectors1. Technical assistance is provided for the secure modernization of critical infrastructure and key resources from a cyber-ecosystem perspective with an emphasis on enhanced security, resilience, and protection. Our purpose is to address national critical infrastructure challenges as a shared responsibility.

Collection of post mortem data: DVI protocols and quality assurance.

PubMed

Kvaal, Sigrid I

2006-05-15

In many countries forensic odontologists are members of the Disaster Victim Identification (DVI) team. As part of their post mortem (PM) tasks work on the incident site may include securing and preserving the dental material and evidence before transport to the mortuary. In the autopsy room the main aim is to register the PM dental status. Photographs and radiographs are essential documentations in addition to a conventional registration of the dental status. Abbreviations in the registration may be used if agreed with the ante mortem (AM) team. Dental age estimation may be an aid in the sorting process and especially in victims without previous dental treatment. Interpol has a form set as part of their DVI manual. Forensic odontologists working in pairs and checking each other will act as quality assurance (QA) as suggested by International Organization for Forensic Odonto-Stomatology (IOFOS). Direct entry into the computer program as part of the registration in the autopsy room may save time and manpower.

Remedial investigation/feasibility study for the Clinch River/Poplar Creek operable unit. Volume 5. Appendixes G, H, I, J

DOE Office of Scientific and Technical Information (OSTI.GOV)

NONE

1995-09-01

The Quality Assurance/Quality Control (QA/QC) Program for Phase 2 of the Clinch River Remedial Investigation (CRRI) was designed to comply with both Department of Energy (DOE) Order 5700.6C and Environmental Protection Agency (EPA) QAMS-005/80 (EPA 1980a) guidelines. QA requirements and the general QA objectives for Phase 2 data were defined in the Phase 2 Sampling and Analysis Plan (SAP)-Quality Assurance Project Plan, and scope changes noted in the Phase 2 Sampling and Analysis Plan Addendum. The QA objectives for Phase 2 data were the following: (1) Scientific data generated will withstand scientific and legal scrutiny. (2) Data will be gatheredmore » using appropriate procedures for sample collection, sample handling and security, chain of custody (COC), laboratory analyses, and data reporting. (3) Data will be of known precision and accuracy. (4) Data will meet data quality objectives (DQOs) defined in the Phase 2 SAP.« less

Network security system for health and medical information using smart IC card

NASA Astrophysics Data System (ADS)

Kanai, Yoichi; Yachida, Masuyoshi; Yoshikawa, Hiroharu; Yamaguchi, Masahiro; Ohyama, Nagaaki

1998-07-01

A new network security protocol that uses smart IC cards has been designed to assure the integrity and privacy of medical information in communication over a non-secure network. Secure communication software has been implemented as a library based on this protocol, which is called the Integrated Secure Communication Layer (ISCL), and has been incorporated into information systems of the National Cancer Center Hospitals and the Health Service Center of the Tokyo Institute of Technology. Both systems have succeeded in communicating digital medical information securely.

Food safety regulations in Australia and New Zealand Food Standards.

PubMed

Ghosh, Dilip

2014-08-01

Citizens of Australia and New Zealand recognise that food security is a major global issue. Food security also affects Australia and New Zealand's status as premier food exporting nations and the health and wellbeing of the Australasian population. Australia is uniquely positioned to help build a resilient food value chain and support programs aimed at addressing existing and emerging food security challenges. The Australian food governance system is fragmented and less transparent, being largely in the hands of government and semi-governmental regulatory authorities. The high level of consumer trust in Australian food governance suggests that this may be habitual and taken for granted, arising from a lack of negative experiences of food safety. In New Zealand the Ministry of Primary Industries regulates food safety issues. To improve trade and food safety, New Zealand and Australia work together through Food Standards Australia New Zealand (FSANZ) and other co-operative agreements. Although the potential risks to the food supply are dynamic and constantly changing, the demand, requirement and supply for providing safe food remains firm. The Australasian food industry will need to continually develop its system that supports the food safety program with the help of scientific investigations that underpin the assurance of what is and is not safe. The incorporation of a comprehensive and validated food safety program is one of the total quality management systems that will ensure that all areas of potential problems are being addressed by industry. © 2014 Society of Chemical Industry.

Lawrence Livermore National Laboratory Safeguards and Security quarterly progress report to the US Department of Energy: Quarter ending December 31, 1993

DOE Office of Scientific and Technical Information (OSTI.GOV)

Davis, G.; Mansur, D.L.; Ruhter, W.D.

1994-01-01

The Lawrence Livermore National Laboratory (LLNL) carries out safeguards and security activities for the Department of Energy (DOE), Office of Safeguards and Security (OSS), as well as other organizations, both within and outside the DOE. This document summarizes the activities conducted for the OSS during the first quarter of fiscal year 1994 (October through December, 1993). The nature and scope of the activities carried out for OSS at LLNL require a broad base of technical expertise. To assure projects are staffed and executed effectively, projects are conducted by the organization at LLNL best able to supply the needed technical expertise.more » These projects are developed and managed by senior program managers. Institutional oversight and coordination is provided through the LLNL Deputy Director`s office. At present, the Laboratory is supporting OSS in five areas: (1) Safeguards Technology, (2) Safeguards and Decision Support, (3) Computer Security, (4) DOE Automated Physical Security, and (5) DOE Automated Visitor Access Control System. This report describes the activities in each of these five areas. The information provided includes an introduction which briefly describes the activity, summary of major accomplishments, task descriptions with quarterly progress, summaries of milestones and deliverables and publications published this quarter.« less

Lawrence Livermore National Laboratory safeguards and security quarterly progress report to the U.S. Department of Energy. Quarter ending December 31, 1996

DOE Office of Scientific and Technical Information (OSTI.GOV)

Davis, G.; Mansur, D.L.; Ruhter, W.D.

The Lawrence Livermore National Laboratory (LLNL) carries out safeguards and security activities for the Department of Energy (DOE), Office of Safeguards and Security (OSS), as well as other organizations, both within and outside the DOE. This document summarizes the activities conducted for the OSS during the First Quarter of Fiscal Year 1997 (October through December, 1996). The nature and scope of the activities carried out for OSS at LLNL require a broad base of technical expertise. To assure projects are staffed and executed effectively, projects are conducted by the organization at LLNL best able to supply the needed technical expertise.more » These projects are developed and managed by senior program managers. Institutional oversight and coordination is provided through the LLNL Deputy Director`s office. At present, the Laboratory is supporting OSS in four areas: (1) safeguards technology; (2) safeguards and material accountability; (3) computer security--distributed systems; and (4) physical and personnel security support. The remainder of this report describes the activities in each of these four areas. The information provided includes an introduction which briefly describes the activity, summary of major accomplishments, task descriptions with quarterly progress, summaries of milestones and deliverables and publications published this quarter.« less

A wireless electronic monitoring system for securing milk from farm to processor

NASA Astrophysics Data System (ADS)

Womble, Phillip; Hopper, Lindsay; Thompson, Chris; Alexander, Suraj M.; Crist, William; Payne, Fred; Stombaugh, Tim; Paschal, Jon; Moore, Ryan; Luck, Brian; Tabayehnejab, Nasrin

2008-04-01

The Department of Homeland Security and the Department of Health and Human Services have targeted bulk food contamination as a focus for attention. The contamination of bulk food poses a high consequence threat to our society. Milk transport falls into three of the 17 targeted NIPP (National Infrastructure Protection Plan) sectors including agriculture-food, public health, and commercial facilities. Minimal security safeguards have been developed for bulk milk transport. The current manual methods of securing milk are paper intensive and prone to errors. The bulk milk transportation sector requires a security enhancement that will both reduce recording errors and enable normal transport activities to occur while providing security against unauthorized access. Milk transportation companies currently use voluntary seal programs that utilize plastic, numbered seals on milk transport tank openings. Our group has developed a Milk Transport Security System which is an electromechanical access control and communication system that assures the secure transport of milk, milk samples, milk data, and security data between locations and specifically between dairy farms, transfer stations, receiving stations, and milk plants. It includes a security monitoring system installed on the milk transport tank, a hand held device, optional printers, data server, and security evaluation software. The system operates automatically and requires minimal or no attention by the bulk milk hauler/sampler. The system is compatible with existing milk transport infrastructure, and has the support of the milk producers, milk transportation companies, milk marketing agencies, and dairy processors. The security protocol developed is applicable for transport of other bulk foods both nationally and internationally. This system adds significantly to the national security infrastructure for bulk food transport. We are currently demonstrating the system in central Kentucky and will report on the results of the demonstration.

NASA's Approach to Software Assurance

NASA Technical Reports Server (NTRS)

Wetherholt, Martha

2015-01-01

NASA defines software assurance as: the planned and systematic set of activities that ensure conformance of software life cycle processes and products to requirements, standards, and procedures via quality, safety, reliability, and independent verification and validation. NASA's implementation of this approach to the quality, safety, reliability, security and verification and validation of software is brought together in one discipline, software assurance. Organizationally, NASA has software assurance at each NASA center, a Software Assurance Manager at NASA Headquarters, a Software Assurance Technical Fellow (currently the same person as the SA Manager), and an Independent Verification and Validation Organization with its own facility. An umbrella risk mitigation strategy for safety and mission success assurance of NASA's software, software assurance covers a wide area and is better structured to address the dynamic changes in how software is developed, used, and managed, as well as it's increasingly complex functionality. Being flexible, risk based, and prepared for challenges in software at NASA is essential, especially as much of our software is unique for each mission.

Development of a quality assurance program for ionizing radiation secondary calibration laboratories

DOE Office of Scientific and Technical Information (OSTI.GOV)

Heaton, H.T. II; Taylor, A.R. Jr.

For calibration laboratories, routine calibrations of instruments meeting stated accuracy goals are important. One method of achieving the accuracy goals is to establish and follow a quality assurance program designed to monitor all aspects of the calibration program and to provide the appropriate feedback mechanism if adjustments are needed. In the United States there are a number of organizations with laboratory accreditation programs. All existing accreditation programs require that the laboratory implement a quality assurance program with essentially the same elements in all of these programs. Collectively, these elements have been designated as a Measurement Quality Assurance (MQA) program. Thismore » paper will briefly discuss the interrelationship of the elements of an MQA program. Using the Center for Devices and Radiological Health (CDRH) X-ray Calibration Laboratory (XCL) as an example, it will focus on setting up a quality control program for the equipment in a Secondary Calibration Laboratory.« less

Information Assurance within the United States Air Force

ERIC Educational Resources Information Center

Cherry, John D.

2010-01-01

According to the Department of Defense (DoD), a review of information assurance (IA) in the United States Air Force (USAF) in 2009, cyber security is jeopardized because of information loss. This situation has occurred in large part because of less than optimal training practices or adherence to training protocols. The purpose of this study was…

Learning Outcomes--A Useful Tool in Quality Assurance? Views from Academic Staff

ERIC Educational Resources Information Center

Aamodt, Per Olaf; Frølich, Nicoline; Stensaker, Bjørn

2018-01-01

While the establishment of quality assurance has been seen for decades as the most significant instrument to secure and enhance the quality of teaching and learning in higher education, the concept of developing more specific learning outcomes has in recent years attracted much interest, not least due to the creation of national qualification…

Can the Analytical Hierarchy Process Model Be Effectively Applied in the Prioritization of Information Assurance Defense In-Depth Measures? --A Quantitative Study

ERIC Educational Resources Information Center

Alexander, Rodney T.

2017-01-01

Organizational computing devices are increasingly becoming targets of cyber-attacks, and organizations have become dependent on the safety and security of their computer networks and their organizational computing devices. Business and government often use defense in-depth information assurance measures such as firewalls, intrusion detection…

LABORATORY AND FIELD AUDITS AS PART OF THE EPA (ENVIRONMENTAL PROTECTION AGENCY) HAZARDOUS WASTE ENGINEERING RESEARCH LABORATORY (HWERL) QUALITY ASSURANCE PROGRAM

EPA Science Inventory

Audits are an important and integral part of the EPA Hazardous Waste Engineering Research Laboratory (HWERL) Quality Assurance (QA) Program. As part of the overall QA program, audits are used to determine contractor compliance with quality assurance plans and to assess the overal...

Developments in amphibian captive breeding and reintroduction programs.

PubMed

Harding, Gemma; Griffiths, Richard A; Pavajeau, Lissette

2016-04-01

Captive breeding and reintroduction remain high profile but controversial conservation interventions. It is important to understand how such programs develop and respond to strategic conservation initiatives. We analyzed the contribution to conservation made by amphibian captive breeding and reintroduction since the launch of the International Union for Conservation of Nature (IUCN) Amphibian Conservation Action Plan (ACAP) in 2007. We assembled data on amphibian captive breeding and reintroduction from a variety of sources including the Amphibian Ark database and the IUCN Red List. We also carried out systematic searches of Web of Science, JSTOR, and Google Scholar for relevant literature. Relative to data collected from 1966 to 2006, the number of species involved in captive breeding and reintroduction projects increased by 57% in the 7 years since release of the ACAP. However, there have been relatively few new reintroductions over this period; most programs have focused on securing captive-assurance populations (i.e., species taken into captivity as a precaution against extinctions in the wild) and conservation-related research. There has been a shift to a broader representation of frogs, salamanders, and caecilians within programs and an increasing emphasis on threatened species. There has been a relative increase of species in programs from Central and South America and the Caribbean, where amphibian biodiversity is high. About half of the programs involve zoos and aquaria with a similar proportion represented in specialist facilities run by governmental or nongovernmental agencies. Despite successful reintroduction often being regarded as the ultimate milestone for such programs, the irreversibility of many current threats to amphibians may make this an impractical goal. Instead, research on captive assurance populations may be needed to develop imaginative solutions to enable amphibians to survive alongside current, emerging, and future threats. © 2015 Society for Conservation Biology.

15 CFR 996.33 - Acceptance of program by non-Federal entities.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Trade (Continued) NATIONAL OCEANIC AND ATMOSPHERIC ADMINISTRATION, DEPARTMENT OF COMMERCE QUALITY ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES QUALITY ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES Other Quality Assurance Program Matters...

An expanded safeguards role for the DOE safeguards analytical laboratory

DOE Office of Scientific and Technical Information (OSTI.GOV)

Bingham, C.D.

The New Brunswick Laboratory (NBL) is a Government-owned, Government-operated (GOGO) laboratory, with the mission to provide and maintain a nuclear material measurements and standards laboratory. The functional responsibilities of NBL serve as a technical response to the statutory responsibility of the Department of Energy (DOE) to assure the safeguarding of nuclear materials. In the execution of its mission, NBL carries out activities in six safeguards-related programs: measurement development, measurement evaluation, measurement services, safeguards assessment, reference and calibration materials and site-specific assistance. These program activities have been implemented by NBL for many years; their relative emphases, however, have been changed recentlymore » to address the priorities defined by the DOE Office of Safeguards and Security, Defense Programs (OSS/DP). As a consequence, NBL operations are in the ''mainstream'' of domestic safeguards activities. This expanded safeguards role for NBL is discussed in this paper.« less

25 CFR 700.263 - Assuring integrity of records.

Code of Federal Regulations, 2013 CFR

2013-04-01

... safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which could result in substantial harm, embarrassment..., subject to safeguards based on those recommended in the National Bureau of Standards booklet “Computer...

25 CFR 700.263 - Assuring integrity of records.

Code of Federal Regulations, 2014 CFR

2014-04-01

... safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which could result in substantial harm, embarrassment..., subject to safeguards based on those recommended in the National Bureau of Standards booklet “Computer...

25 CFR 700.263 - Assuring integrity of records.

Code of Federal Regulations, 2010 CFR

2010-04-01

... safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which could result in substantial harm, embarassment..., subject to safeguards based on those recommended in the National Bureau of Standards booklet “Computer...

25 CFR 700.263 - Assuring integrity of records.

Code of Federal Regulations, 2011 CFR

2011-04-01

... safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which could result in substantial harm, embarassment..., subject to safeguards based on those recommended in the National Bureau of Standards booklet “Computer...

25 CFR 700.263 - Assuring integrity of records.

Code of Federal Regulations, 2012 CFR

2012-04-01

... safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which could result in substantial harm, embarrassment..., subject to safeguards based on those recommended in the National Bureau of Standards booklet “Computer...

External Quality Assurance Programs Managed by the U.S. Geological Survey in Support of the National Atmospheric Deposition Program/Mercury Deposition Network

USGS Publications Warehouse

Latysh, Natalie E.; Wetherbee, Gregory A.

2007-01-01

The U.S. Geological Survey (USGS) Branch of Quality Systems operates external quality assurance programs for the National Atmospheric Deposition Program/Mercury Deposition Network (NADP/MDN). Beginning in 2004, three programs have been implemented: the system blank program, the interlaboratory comparison program, and the blind audit program. Each program was designed to measure error contributed by specific components in the data-collection process. The system blank program assesses contamination that may result from sampling equipment, field exposure, and routine handling and processing of the wet-deposition samples. The interlaboratory comparison program evaluates bias and precision of analytical results produced by the Mercury Analytical Laboratory (HAL) for the NADP/MDN, operated by Frontier GeoSciences, Inc. The HAL's performance is compared with the performance of five other laboratories. The blind audit program assesses bias and variability of MDN data produced by the HAL using solutions disguised as environmental samples to ascertain true laboratory performance. This report documents the implementation of quality assurance procedures for the NADP/MDN and the operating procedures for each of the external quality assurance programs conducted by the USGS. The USGS quality assurance information provides a measure of confidence to NADP/MDN data users that measurement variability is distinguished from environmental signals.

Maintaining the Status Quo in the Taiwan Strait

DTIC Science & Technology

2013-03-01

of National Security and Strategy 8. PERFORMING ORGANIZATION REPORT NUMBER 9. SPONSORING/MONITORING AGENCY NAME(S) AND ADDRESS(ES) U.S. Army...Count: 5,308 14. ABSTRACT In order to ensure vital U.S. interests concerning security and economic freedom in the region, the status quo in the...international/regional support of Taiwan, Taiwanese military deterrence backed by strategically ambiguous U.S. assurances of security , intertwined

Quality Assurance of Joint Degree Programs from the Perspective of Quality Assurance Agencies: Experience in East Asia

ERIC Educational Resources Information Center

Hou, Yung-Chi; Ince, Martin; Tsai, Sandy; Wang, Wayne; Hung, Vicky; Lin Jiang, Chung; Chen, Karen Hui-Jung

2016-01-01

Joint degree programs have gained popularity in East Asia, due to the growth of transnational higher education in the region since 2000. However, the external quality assurance (QA) and accreditation of joint degree programs is a challenge for QA agencies, as it normally involves the engagement of several institutions and multiple national…

Gross anatomy of network security

NASA Technical Reports Server (NTRS)

Siu, Thomas J.

2002-01-01

Information security involves many branches of effort, including information assurance, host level security, physical security, and network security. Computer network security methods and implementations are given a top-down description to permit a medically focused audience to anchor this information to their daily practice. The depth of detail of network functionality and security measures, like that of the study of human anatomy, can be highly involved. Presented at the level of major gross anatomical systems, this paper will focus on network backbone implementation and perimeter defenses, then diagnostic tools, and finally the user practices (the human element). Physical security measures, though significant, have been defined as beyond the scope of this presentation.

10 CFR 63.144 - Quality assurance program change.

Code of Federal Regulations, 2010 CFR

2010-01-01

... assurance program at the time of the change; (2) The use of generic organizational position titles that... titles; (3) The use of generic organizational charts to indicate functional relationships, authorities... assurance standards to which the licensee is committed; and (5) Organizational revisions that ensure that...

Maintaining High Assurance in Asynchronous Messaging

DTIC Science & Technology

2015-10-24

Assurance in Asynchronous Messaging Kevin E. Foltz and William R. Simpson Abstract—Asynchronous messaging is the delivery of a message without... integrity , and confidentiality guarantees. End-to-end security for asynchronous messaging must be provided by the asynchronous messaging layer itself... continuing its processing. At the completion of message transmission, the sender does not know when or whether the receiver received it. The message

76 FR 54780 - Agency Information Collection Activities: Foreign Trade Zone Annual Reconciliation Certification...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-09-02

... DEPARTMENT OF HOMELAND SECURITY U.S. Customs and Border Protection Agency Information Collection.... Customs and Border Protection (CBP), Department of Homeland Security. ACTION: 60-Day notice and request... November 1, 2011, to be assured of consideration. ADDRESSES: Direct all written comments to U.S. Customs...

38 CFR 18a.4 - Duties of the Director, Contract Compliance Service.

Code of Federal Regulations, 2010 CFR

2010-07-01

... periodic audits, reviews and evaluations; (c) Attempt to secure voluntary compliance by conciliatory or... assurance of compliance, or other source indicates noncompliance with Title VI; and report to the Chief... investigations, audits, reviews and evaluations or the results of attempts to secure voluntary compliance. [35 FR...

75 FR 75453 - Proposed Information Collection; Comment Request; Technical Data Letter of Explanation

Federal Register 2010, 2011, 2012, 2013, 2014

2010-12-03

... Request; Technical Data Letter of Explanation AGENCY: Bureau of Industry and Security. ACTION: Notice....gov . SUPPLEMENTARY INFORMATION: I. Abstract These technical data letters of explanation will assure the Bureau of Industry and Security that U.S.-origin technical data will be exported only for...

Towards Changes in Information Security Education

ERIC Educational Resources Information Center

Hentea, Mariana; Dhillon, Harpal S.; Dhillon, Manpreet

2006-01-01

Despite a variety of Information Security Assurance (ISA) curricula and diverse educational models, universities often fail to provide their graduates with skills demanded by employers. There is a big discrepancy between the levels of skills expected by employers and those the graduates have after completing their studies. The authors compare the…

Moving Secure Software Assurance into Higher Education: A Roadmap for Change

DTIC Science & Technology

2011-06-02

Summarized: The Issue: 6/2/20118 Software defects are currently a fact of life Software defects are avenues of security vulnerabilities that cyber ... criminals , terrorists, or hostile nations can exploit. We (THE ENTIRE INDUSTY) need to change the way we build systems Decrease the number of defects

78 FR 23280 - Agency Information Collection Activities: United States-Caribbean Basin Trade Partnership Act...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-04-18

... DEPARTMENT OF HOMELAND SECURITY U.S. Customs and Border Protection Agency Information Collection... Protection (CBP), Department of Homeland Security. ACTION: 60-Day Notice and request for comments; Extension... assured of consideration. ADDRESSES: Direct all written comments to U.S. Customs and Border Protection...

Traffic Analysis for Network Security using Learning Theory and Streaming Algorithms

DTIC Science & Technology

2008-09-01

to have had friends who have immensely improved my research and presentation – David Brumley, Hubert Chan, Elena Nabieva, Vyas Sekar, and Runting Shi...Information Assurance and Security 2001, 2001. [15] Marco Barreno, Blaine Nelson, Russell Sears, Anthony D. Joseph, and J. D. Tygar. Can machine learning be

Quality assurance program requirements, Amendment 5 (9-26-79) to August 1973 issue

DOE Office of Scientific and Technical Information (OSTI.GOV)

Not Available

This standard sets forth general requirements for planning, managing, conducting, and evaluating quality assurance programs for reactor development and test facility projects and associated processes, structures, components, and systems. These quality assurance requirements are based on proven practices and provide the means of control and verification whereby those responsible fo poject management can assure that the quality required for safe, reliable, and economical operation will be achieved. The objective of the program of the programs covered by this standard is to assure that structures, components, systems, and facilities are designed, developed, manufactured, constructed, operated, and maintained in compliance with establishedmore » engineering criteria. To achieve this objective, controls are to be established and implemented at predetermined points, and necessary action taken to prevent, detect, and correct any deficiencies.« less

Quality assurance, an administrative means to a managerial end: Part I. A historical overview.

PubMed

Clark, G B

1990-01-01

Quality has become the hallmark of industrial excellence. Many diverse factors have heightened national concern about managing quality control throughout the health-care industry, including laboratory services. Industry-wide focus on quality control has created a need for an administrative program to evaluate its effectiveness. That program is medical quality assurance. Because of national and industry-wide concern, development of quality assurance theory has gained increasing importance in medical accreditation and management circles. Scrutiny of the application of quality assurance has become particularly prominent during accreditation inspections. Implementing quality assurance programs now demands more of already finite resources. The professional laboratory manager should understand how quality assurance has developed in the United States during the past 150 years. The well-informed manager should recognize why the health-care industry only recently began to develop its own expertise in quality assurance. It is also worthwhile to understand how heavily health care has relied on the lessons learned in the non-health-care sector. This three-part series will present information that will help in applying quality assurance more effectively as a management tool in the medical laboratory. This first part outlines the early industrial, socioeconomic, and medicolegal background of quality assurance. Terminology is defined with some distinction made between the terms management and administration. The second part will address current accreditation requirements. Special emphasis will be placed on the practical application of accreditation guidelines, providing a template for quality assurance methods in the medical laboratory. The third part will provide an overview of quality assurance as a total management tool with some suggestions for developing and implementing a quality assurance program.

The NASA Commercial Crew Program (CCP) Mission Assurance Process

NASA Technical Reports Server (NTRS)

Canfield, Amy

2016-01-01

In 2010, NASA established the Commercial Crew Program in order to provide human access to the International Space Station and low earth orbit via the commercial (non-governmental) sector. A particular challenge to NASA has been how to determine the commercial providers transportation system complies with Programmatic safety requirements. The process used in this determination is the Safety Technical Review Board which reviews and approves provider submitted Hazard Reports. One significant product of the review is a set of hazard control verifications. In past NASA programs, 100 percent of these safety critical verifications were typically confirmed by NASA. The traditional Safety and Mission Assurance (SMA) model does not support the nature of the Commercial Crew Program. To that end, NASA SMA is implementing a Risk Based Assurance (RBA) process to determine which hazard control verifications require NASA authentication. Additionally, a Shared Assurance Model is also being developed to efficiently use the available resources to execute the verifications. This paper will describe the evolution of the CCP Mission Assurance process from the beginning of the Program to its current incarnation. Topics to be covered include a short history of the CCP; the development of the Programmatic mission assurance requirements; the current safety review process; a description of the RBA process and its products and ending with a description of the Shared Assurance Model.

42 CFR 457.130 - Civil rights assurance.

Code of Federal Regulations, 2010 CFR

2010-10-01

... (CONTINUED) STATE CHILDREN'S HEALTH INSURANCE PROGRAMS (SCHIPs) ALLOTMENTS AND GRANTS TO STATES Introduction; State Plans for Child Health Insurance Programs and Outreach Strategies § 457.130 Civil rights assurance... 42 Public Health 4 2010-10-01 2010-10-01 false Civil rights assurance. 457.130 Section 457.130...

42 CFR 422.210 - Assurances to CMS.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 42 Public Health 3 2010-10-01 2010-10-01 false Assurances to CMS. 422.210 Section 422.210 Public Health CENTERS FOR MEDICARE & MEDICAID SERVICES, DEPARTMENT OF HEALTH AND HUMAN SERVICES (CONTINUED) MEDICARE PROGRAM MEDICARE ADVANTAGE PROGRAM Relationships With Providers § 422.210 Assurances to CMS. (a...

Engage States on Energy Assurance and Energy Security

DOE Office of Scientific and Technical Information (OSTI.GOV)

Kara Colton; John Ratliff; Sue Gander

2008-09-30

The NGA Center's 'Engaging States on Energy Security and Energy Assurance' has been successful in achieving the stated project purposes and objectives both in the initial proposal as well as in subsequent revisions to it. Our activities, which involve the NGA Center for Best Practices (The NGA Center) Homeland Security and Technology Division, included conducting tabletop exercises to help federal and state homeland security and energy officials determine roles and actions for various emergency scenarios. This included efforts to education state official on developing an energy assurance plan, harmonizing approaches to controlling price volatility, implementing reliability standards, understanding short andmore » long-term energy outlooks and fuel diversification, and capitalizing on DOE's research and development activities. Regarding our work on energy efficiency and renewable energy, the NGA Center's Environment, Energy and Natural Resources Division hosted three workshops which engaged states on the clean energy and alternative transportation fuel and also produced several reports on related topics. In addition, we convened 18 meetings, via conference call, of the Energy Working Group. Finally, through the NGA Center's Front and Center newsletter articles, the NGA Center disseminated promising practices to a wide audience of state policymakers. The NGA Center also hosted a number of workshops and web conferences designed to directly engage states on the deliverables under this Cooperative Agreement. Through the NGA Center's written products and newsletter articles, the NGA Center was able to disseminate promising practices to a wide audience of state policymakers.« less

Circulation Control in NASA's Vehicle Systems

NASA Technical Reports Server (NTRS)

Rich, Paul; McKinley, Bob; Jones, Greg

2005-01-01

Specific to the application of any technology to a vehicle, such as circulation control, it is important to understand the process that NASA is using to set its direction in research and development. To see how circulation control fits into any given NASA program requires the reader to understand NASA's Vehicle Systems (VS) Program. The VS Program recently celebrated its first year of existence with an annual review - an opportunity to look back on accomplishments, solicit feedback, expand national advocacy and support for the program, and recognize key contributions. Since its formation last year, Vehicle Systems has coordinated seven existing entities in a streamlined aeronautics research effort. It invests in vehicle technologies to protect the environment, make air travel more accessible and affordable for Americans, enable exploration through new aerospace missions, and augment national security. This past year has seen a series of valuable partnerships with industry, academia, and government agencies to make crucial aeronautics advances and assure America s future in flight.

QA program plan plutonium stabilization and handling project W-460

DOE Office of Scientific and Technical Information (OSTI.GOV)

SCHULTZ, J.W.

This Quality Assurance Program Plan (QAPP) identifies Project Quality Assurance (QA) program requirements for all parties participating in the design, procurement, demolition, construction, installation, inspection and testing for Project W-460.

New Brunswick Laboratory. Progress report, October 1995--September 1996

DOE Office of Scientific and Technical Information (OSTI.GOV)

NONE

Fiscal year (FY) 1996 was a very good year for New Brunswick Laboratory (NBL), whose major sponsor is the Office of Safeguards and Security (NN-51) in the US Department of Energy (DOE), Office of Nonproliferation and National Security, Office of Security Affairs. Several projects pertinent to the NBL mission were completed, and NBL`s interactions with partners and customers were encouraging. Among the partners with which NBL interacted in this report period were the International Atomic Energy Agency (IAEA), NN-51. Environmental Program Group of the DOE Chicago Operations Office, International Safeguards Project Office, Waste Isolation Pilot Plant (WIPP), Ukraine Working Group,more » Fissile Materials Assurance Working Group, National Institute of Standards and Technology (NIST), Nuclear Regulatory Commission (NRC), Institute for Reference Materials and Measurements (IRMM) in Belgium, Brazilian/Argentine Agency for Accounting and Control of Nuclear Materials (ABACC), Lockheed Idaho Technologies Company, and other DOE facilities and laboratories. NBL staff publications, participation in safeguards assistance and other nuclear programs, development of new reference materials, involvement in the updating and refinement of DOE documents, service in enhancing the science education of others, and other related activities enhanced NBL`s status among DOE laboratories and facilities. Noteworthy are the facts that NBL`s small inventory of nuclear materials is accurately accounted for, and, as in past years, its materials and human resources were used in peaceful nuclear activities worldwide.« less

Change Detection Algorithms for Information Assurance of Computer Networks

DTIC Science & Technology

2002-01-01

original document contains color images. 14. ABSTRACT see report 15. SUBJECT TERMS 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT 18...number of computer attacks increases steadily per year. At the time of this writing the Internet Security Systems’ baseline assessment is that a new...across a network by exploiting security flaws in widely-used services offered by vulnerable computers. In order to locate the vulnerable computers, the

Russia and NATO Enlargement: The Assurances in 1990 and Their Implications

DTIC Science & Technology

2009-06-01

to achieve “an agreement on the final legal settlement of the German question, which would serve our security interests and the cause of stability... intrinsically coupled to new security structures in Europe with no dominant player, particularly not the Soviet Union’s rival, the United States...main European security issues and would unconditionally acknowledge the CIS [Commonwealth of Independent States] as a sphere of vital interest to

78 FR 35631 - Proposed Information Collection Request; Comment Request; 40 CFR Part 64 Compliance Assurance...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-06-13

... the fact that most facilities are now using electronic monitoring to conduct their recording, thus... Request; Comment Request; 40 CFR Part 64 Compliance Assurance Monitoring Program AGENCY: Environmental... an information collection request, ``40 CFR Part 64 Compliance Assurance Monitoring Program'' (EPA...

78 FR 28987 - Revisions to Transportation Safety Requirements and Harmonization With International Atomic...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-05-16

... Transportation Requirements; Establishing Quality Assurance Programs for Packaging Used in Transport of... would make the regulation of quality assurance programs more efficient by allowing changes that do not change quality assurance approval holder commitments to be made without prior NRC approval, and extending...

Risk-Significant Adverse Condition Awareness Strengthens Assurance of Fault Management Systems

NASA Technical Reports Server (NTRS)

Fitz, Rhonda

2017-01-01

As spaceflight systems increase in complexity, Fault Management (FM) systems are ranked high in risk-based assessment of software criticality, emphasizing the importance of establishing highly competent domain expertise to provide assurance. Adverse conditions (ACs) and specific vulnerabilities encountered by safety- and mission-critical software systems have been identified through efforts to reduce the risk posture of software-intensive NASA missions. Acknowledgement of potential off-nominal conditions and analysis to determine software system resiliency are important aspects of hazard analysis and FM. A key component of assuring FM is an assessment of how well software addresses susceptibility to failure through consideration of ACs. Focus on significant risk predicted through experienced analysis conducted at the NASA Independent Verification & Validation (IV&V) Program enables the scoping of effective assurance strategies with regard to overall asset protection of complex spaceflight as well as ground systems. Research efforts sponsored by NASAs Office of Safety and Mission Assurance (OSMA) defined terminology, categorized data fields, and designed a baseline repository that centralizes and compiles a comprehensive listing of ACs and correlated data relevant across many NASA missions. This prototype tool helps projects improve analysis by tracking ACs and allowing queries based on project, mission type, domain/component, causal fault, and other key characteristics. Vulnerability in off-nominal situations, architectural design weaknesses, and unexpected or undesirable system behaviors in reaction to faults are curtailed with the awareness of ACs and risk-significant scenarios modeled for analysts through this database. Integration within the Enterprise Architecture at NASA IV&V enables interfacing with other tools and datasets, technical support, and accessibility across the Agency. This paper discusses the development of an improved workflow process utilizing this database for adaptive, risk-informed FM assurance that critical software systems will safely and securely protect against faults and respond to ACs in order to achieve successful missions.

Risk-Significant Adverse Condition Awareness Strengthens Assurance of Fault Management Systems

NASA Technical Reports Server (NTRS)

Fitz, Rhonda

2017-01-01

As spaceflight systems increase in complexity, Fault Management (FM) systems are ranked high in risk-based assessment of software criticality, emphasizing the importance of establishing highly competent domain expertise to provide assurance. Adverse conditions (ACs) and specific vulnerabilities encountered by safety- and mission-critical software systems have been identified through efforts to reduce the risk posture of software-intensive NASA missions. Acknowledgement of potential off-nominal conditions and analysis to determine software system resiliency are important aspects of hazard analysis and FM. A key component of assuring FM is an assessment of how well software addresses susceptibility to failure through consideration of ACs. Focus on significant risk predicted through experienced analysis conducted at the NASA Independent Verification Validation (IVV) Program enables the scoping of effective assurance strategies with regard to overall asset protection of complex spaceflight as well as ground systems. Research efforts sponsored by NASA's Office of Safety and Mission Assurance defined terminology, categorized data fields, and designed a baseline repository that centralizes and compiles a comprehensive listing of ACs and correlated data relevant across many NASA missions. This prototype tool helps projects improve analysis by tracking ACs and allowing queries based on project, mission type, domaincomponent, causal fault, and other key characteristics. Vulnerability in off-nominal situations, architectural design weaknesses, and unexpected or undesirable system behaviors in reaction to faults are curtailed with the awareness of ACs and risk-significant scenarios modeled for analysts through this database. Integration within the Enterprise Architecture at NASA IVV enables interfacing with other tools and datasets, technical support, and accessibility across the Agency. This paper discusses the development of an improved workflow process utilizing this database for adaptive, risk-informed FM assurance that critical software systems will safely and securely protect against faults and respond to ACs in order to achieve successful missions.

Summary of development and recommendations for a quality assurance program for the procurement and manufacture of urban mass transit operating equipment and systems

NASA Technical Reports Server (NTRS)

Witkin, S. A.

1976-01-01

A viable quality program for the urban mass transit industry, and a management approach to ensure compliance with the program are outlined. Included are: (1) a set of guidelines for quality assurance to be imposed on transit authorities, and a management approach to ensure compliance with them; (2) a management approach to be used by the transit authorities (properties) for assuring compliance with the QA guidelines; and (3) quality assurance guidelines to be imposed by properties and umta for procurement of hardware and systems.

Savannah River Laboratory quality assurance manual. Revision 2

DOE Office of Scientific and Technical Information (OSTI.GOV)

Not Available

1985-02-01

The SRL quality assurance program is a management activity that verifies that the results of our research and development are adequate for their intended use and that our facilities function properly. The program is based on Savannah River Quality Assurance Plan (DPW-82-111-2, Rev 0) as applied through Quality Assurance Procedures and Divisional Plans (following section). The AED policy states that ''all activities shall be conducted to achieve a high quality of product and performance...'' The policy contains 18 considerations to be applied ''proportional to needs, based on the technical and professional judgment of responsible Du Pont employees.'' Quality is themore » responsibility of each individual and his line organization, as is safety. To ensure that quality is being considered for all SRL activities, all research programs are reviewed, and all facilities are assessed. These assessments and reviews are the nucleus of the Quality Assurance program.« less

A national analytical quality assurance program: Developing guidelines and analytical tools for the forest inventory and analysis program

Treesearch

Phyllis C. Adams; Glenn A. Christensen

2012-01-01

A rigorous quality assurance (QA) process assures that the data and information provided by the Forest Inventory and Analysis (FIA) program meet the highest possible standards of precision, completeness, representativeness, comparability, and accuracy. FIA relies on its analysts to check the final data quality prior to release of a State’s data to the national FIA...

23 CFR 637.207 - Quality assurance program.

Code of Federal Regulations, 2011 CFR

2011-04-01

... independent assurance (IA) program consisting of the following: (1) Acceptance program. (i) Each STD's... quality control samples. (C) The quality control sampling and testing is evaluated by an IA program. (iii... appropriate. See 23 CFR 635.413(e) for specific requirements. (2) The IA program shall evaluate the qualified...

NASA Blue Team: Determining Operational Security Posture of Critical Systems and Networks

NASA Technical Reports Server (NTRS)

Alley, Adam David

2016-01-01

Emergence of Cybersecurity has increased the focus on security risks to Information Technology (IT) assets going beyond traditional Information Assurance (IA) concerns: More sophisticated threats have emerged from increasing sources as advanced hacker tools and techniques have emerged and proliferated to broaden the attack surface available across globally interconnected networks.

Management of Library Security. SPEC Kit 247 and SPEC Flyer 247.

ERIC Educational Resources Information Center

Soete, George J., Comp.; Zimmerman, Glen, Comp.

This SPEC (Systems and Procedures Exchange Center) Kit and Flyer reports results of a survey conducted in January 1999 that examined how ARL (Association of Research Libraries) member libraries assure the safety and security of persons, library materials, physical facilities, furnishings, computer equipment, etc. Forty-five of the 122 ARL member…

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hamlet, Jason; Pierson, Lyndon; Bauer, Todd

Supply chain security to detect, deter, and prevent the counterfeiting of networked and stand-alone integrated circuits (ICs) is critical to cyber security. Sandia National Laboratory researchers have developed IC ID to leverage Physically Unclonable Functions (PUFs) and strong cryptographic authentication to create a unique fingerprint for each integrated circuit. IC ID assures the authenticity of ICs to prevent tampering or malicious substitution.

Assuring the privacy and security of transmitting sensitive electronic health information.

PubMed

Peng, Charlie; Kesarinath, Gautam; Brinks, Tom; Young, James; Groves, David

2009-11-14

The interchange of electronic health records between healthcare providers and public health organizations has become an increasingly desirable tool in reducing healthcare costs, improving healthcare quality, and protecting population health. Assuring privacy and security in nationwide sharing of Electronic Health Records (EHR) in an environment such as GRID has become a top challenge and concern. The Centers for Disease Control and Prevention's (CDC) and The Science Application International Corporation (SAIC) have jointly conducted a proof of concept study to find and build a common secure and reliable messaging platform (the SRM Platform) to handle this challenge. The SRM Platform is built on the open standards of OASIS, World Wide Web Consortium (W3C) web-services standards, and Web Services Interoperability (WS-I) specifications to provide the secure transport of sensitive EHR or electronic medical records (EMR). Transmitted data may be in any digital form including text, data, and binary files, such as images. This paper identifies the business use cases, architecture, test results, and new connectivity options for disparate health networks among PHIN, NHIN, Grid, and others.

45 CFR 2519.400 - What must an applicant include in an application for a grant?

Code of Federal Regulations, 2010 CFR

2010-10-01

... information and assurances specified by the Corporation in the grant application package. (c) Assurances that... to the program as may be required for fiscal audits and program evaluation; (2) Comply with the... and protect the rights of those employees; and (4) Comply with any other assurances that the...

24 CFR 200.935 - Administrator qualifications and procedures for HUD building products certification programs.

Code of Federal Regulations, 2011 CFR

2011-04-01

... guidelines in any quality assurance review: (1) ASQC Q9000-1-1994 Quality Management and Quality Assurance... Systems—Model for Quality Assurance in Final Inspection and Test; (5) ASQC Q9004-1-1994 Quality Management... in interpreting testing standards, test methods, evaluating test reports and quality control programs...

NASA Electrical, Electronic and Electromechanical (EEE) Parts Assurance, An Overview

NASA Technical Reports Server (NTRS)

Label, Kenneth A.; Sampson, Michael J.

2017-01-01

This presentation will cover NASA Electrical, Electronic and Electromechanical (EEE) Parts Assurance Structure, NASA Electronic Parts and Packaging (NEPP) Program, NASA Electronic Parts Assurance Group (NEPAG), examples of assurance challenges, and future challenges.

Brookhaven National Laboratory Institutional Plan FY2001--FY2005

DOE Office of Scientific and Technical Information (OSTI.GOV)

Davis, S.

Brookhaven National Laboratory is a multidisciplinary laboratory in the Department of Energy National Laboratory system and plays a lead role in the DOE Science and Technology mission. The Laboratory also contributes to the DOE missions in Energy Resources, Environmental Quality, and National Security. Brookhaven strives for excellence in its science research and in facility operations and manages its activities with particular sensitivity to environmental and community issues. The Laboratory's programs are aligned continuously with the goals and objectives of the DOE through an Integrated Planning Process. This Institutional Plan summarizes the portfolio of research and capabilities that will assure successmore » in the Laboratory's mission in the future. It also sets forth BNL strategies for our programs and for management of the Laboratory. The Department of Energy national laboratory system provides extensive capabilities in both world class research expertise and unique facilities that cannot exist without federal support. Through these national resources, which are available to researchers from industry, universities, other government agencies and other nations, the Department advances the energy, environmental, economic and national security well being of the US, provides for the international advancement of science, and educates future scientists and engineers.« less

Health for all: a public health vision.

PubMed

McBeath, W H

1991-12-01

The approach of a millennial passage invites public health to a review of past performance and a preview of future prospects toward assuring a healthy public. Since the 1974 Canadian Lalonde report, the best national plans for health progress have emphasized disease prevention and health promotion. WHO's multinational Health for All by the Year 2000 promotes basic health services essential to leading a socially and economically productive life. Healthy People 2000, the latest US guide, establishes three goals: increase healthy life span, reduce health disparities, and achieve universal access to preventive services. Its objectives can be used to excite public understanding, equip program development, evaluate progress, and encourage public accountability for health initiatives. Needed is federal leadership in defining requisite action and securing necessary resources. Elsewhere a "new public health" emphasizes community life-style and multisectoral "healthy public policy." In the United States, a national health program is needed to achieve equity in access to personal health care. Even more essential is equitable sharing in basic health determinants in society--nutritious food, basic education, safe water, decent housing, secure employment, adequate income, and peace. Vital to such a future is able and active leadership now from governments and public health professionals.

Health for all: a public health vision.

PubMed Central

McBeath, W H

1991-01-01

The approach of a millennial passage invites public health to a review of past performance and a preview of future prospects toward assuring a healthy public. Since the 1974 Canadian Lalonde report, the best national plans for health progress have emphasized disease prevention and health promotion. WHO's multinational Health for All by the Year 2000 promotes basic health services essential to leading a socially and economically productive life. Healthy People 2000, the latest US guide, establishes three goals: increase healthy life span, reduce health disparities, and achieve universal access to preventive services. Its objectives can be used to excite public understanding, equip program development, evaluate progress, and encourage public accountability for health initiatives. Needed is federal leadership in defining requisite action and securing necessary resources. Elsewhere a "new public health" emphasizes community life-style and multisectoral "healthy public policy." In the United States, a national health program is needed to achieve equity in access to personal health care. Even more essential is equitable sharing in basic health determinants in society--nutritious food, basic education, safe water, decent housing, secure employment, adequate income, and peace. Vital to such a future is able and active leadership now from governments and public health professionals. PMID:1746649

10 CFR 71.103 - Quality assurance organization.

Code of Federal Regulations, 2012 CFR

2012-01-01

... contractors, agents, or consultants, the work of establishing and executing the quality assurance program, or... 10 Energy 2 2012-01-01 2012-01-01 false Quality assurance organization. 71.103 Section 71.103... Quality Assurance § 71.103 Quality assurance organization. (a) The licensee, 2 certificate holder, and...

10 CFR 71.103 - Quality assurance organization.

Code of Federal Regulations, 2014 CFR

2014-01-01

... contractors, agents, or consultants, the work of establishing and executing the quality assurance program, or... 10 Energy 2 2014-01-01 2014-01-01 false Quality assurance organization. 71.103 Section 71.103... Quality Assurance § 71.103 Quality assurance organization. (a) The licensee, 2 certificate holder, and...

10 CFR 71.103 - Quality assurance organization.

Code of Federal Regulations, 2013 CFR

2013-01-01

... contractors, agents, or consultants, the work of establishing and executing the quality assurance program, or... 10 Energy 2 2013-01-01 2013-01-01 false Quality assurance organization. 71.103 Section 71.103... Quality Assurance § 71.103 Quality assurance organization. (a) The licensee, 2 certificate holder, and...

Opinion of gastroenterologists towards quality assurance in endoscopy.

PubMed

de Jonge, Vincent; Kuipers, Ernst J; van Leerdam, Monique E

2011-03-01

Quality assurance has become an important issue. Many societies are adopting quality assurance programs in order to monitor and improve quality of care. To assess the opinion of gastroenterologists towards quality assurance on the endoscopy department. A survey was sent to all gastroenterologists (n=319) in the Netherlands. It assessed their opinion on a quality assurance program for endoscopy units, including its design, logistics, and content. 200 gastroenterologists (63%) completed the questionnaire. 95% had a positive opinion towards quality assurance and 67% supposed an increase in quality. 28% assumed a negative impact on the time available for patient contact by introducing a quality assurance program and 35% that the capacity would decrease. A negative attitude towards disclosure of results to insurance companies (23%) and media (53%) was reported. Female gastroenterologists were less positive to share the results with other stakeholders (p<0.05). Most important quality measurements were assessment of complications (97%), standardised reporting (96%), and adequate patient information (95%). Gastroenterologists have a positive attitude towards quality assurance. However, concerns do exist about time investment and disclosure of results to others. Information provision and procedure characteristics were considered the most important aspects of quality assurance. Copyright © 2010 Editrice Gastroenterologica Italiana S.r.l. Published by Elsevier Ltd. All rights reserved.

48 CFR 239.7101 - Definition.

Code of Federal Regulations, 2011 CFR

2011-10-01

... OF DEFENSE SPECIAL CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Security and Privacy for Computer Systems 239.7101 Definition. Information assurance, as used in this subpart, means...

48 CFR 239.7101 - Definition.

Code of Federal Regulations, 2012 CFR

2012-10-01

... OF DEFENSE SPECIAL CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Security and Privacy for Computer Systems 239.7101 Definition. Information assurance, as used in this subpart, means...

48 CFR 239.7101 - Definition.

Code of Federal Regulations, 2014 CFR

2014-10-01

... OF DEFENSE SPECIAL CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Security and Privacy for Computer Systems 239.7101 Definition. Information assurance, as used in this subpart, means...

48 CFR 239.7101 - Definition.

Code of Federal Regulations, 2013 CFR

2013-10-01

... OF DEFENSE SPECIAL CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Security and Privacy for Computer Systems 239.7101 Definition. Information assurance, as used in this subpart, means...

48 CFR 239.7101 - Definition.

Code of Federal Regulations, 2010 CFR

2010-10-01

... OF DEFENSE SPECIAL CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Security and Privacy for Computer Systems 239.7101 Definition. Information assurance, as used in this subpart, means...

Provably-Secure (Chinese Government) SM2 and Simplified SM2 Key Exchange Protocols

PubMed Central

Nam, Junghyun; Kim, Moonseong

2014-01-01

We revisit the SM2 protocol, which is widely used in Chinese commercial applications and by Chinese government agencies. Although it is by now standard practice for protocol designers to provide security proofs in widely accepted security models in order to assure protocol implementers of their security properties, the SM2 protocol does not have a proof of security. In this paper, we prove the security of the SM2 protocol in the widely accepted indistinguishability-based Bellare-Rogaway model under the elliptic curve discrete logarithm problem (ECDLP) assumption. We also present a simplified and more efficient version of the SM2 protocol with an accompanying security proof. PMID:25276863

Security Risks: Management and Mitigation in the Software Life Cycle

NASA Technical Reports Server (NTRS)

Gilliam, David P.

2004-01-01

A formal approach to managing and mitigating security risks in the software life cycle is requisite to developing software that has a higher degree of assurance that it is free of security defects which pose risk to the computing environment and the organization. Due to its criticality, security should be integrated as a formal approach in the software life cycle. Both a software security checklist and assessment tools should be incorporated into this life cycle process and integrated with a security risk assessment and mitigation tool. The current research at JPL addresses these areas through the development of a Sotfware Security Assessment Instrument (SSAI) and integrating it with a Defect Detection and Prevention (DDP) risk management tool.

Underground Test Area Activity Quality Assurance Plan Nevada National Security Site, Nevada. Revision 2

DOE Office of Scientific and Technical Information (OSTI.GOV)

Krenzien, Susan; Farnham, Irene

This Quality Assurance Plan (QAP) provides the overall quality assurance (QA) requirements and general quality practices to be applied to the U.S. Department of Energy (DOE), National Nuclear Security Administration Nevada Field Office (NNSA/NFO) Underground Test Area (UGTA) activities. The requirements in this QAP are consistent with DOE Order 414.1D, Change 1, Quality Assurance (DOE, 2013a); U.S. Environmental Protection Agency (EPA) Guidance for Quality Assurance Project Plans for Modeling (EPA, 2002); and EPA Guidance on the Development, Evaluation, and Application of Environmental Models (EPA, 2009). If a participant’s requirement document differs from this QAP, the stricter requirement will take precedence.more » NNSA/NFO, or designee, must review this QAP every two years. Changes that do not affect the overall scope or requirements will not require an immediate QAP revision but will be incorporated into the next revision cycle after identification. Section 1.0 describes UGTA objectives, participant responsibilities, and administrative and management quality requirements (i.e., training, records, procurement). Section 1.0 also details data management and computer software requirements. Section 2.0 establishes the requirements to ensure newly collected data are valid, existing data uses are appropriate, and environmental-modeling methods are reliable. Section 3.0 provides feedback loops through assessments and reports to management. Section 4.0 provides the framework for corrective actions. Section 5.0 provides references for this document.« less

A Video Game for Cyber Security Training and Awareness

DTIC Science & Technology

2006-01-01

potentially mundane. Video games have been proposed as an engaging training vehicle (Prenski, 2001). Here we describe a video game-like tool called Cyber- CIEGE...formation assurance, and information assurance technolo- gists with little background in video games . Early focus was on establishing a language that... video games or adventure games appear more inclined to explorethe game, sometimes proceeding beyond the simple aware- ness scenarios into more

Assuring Software Reliability

DTIC Science & Technology

2014-08-01

technologies and processes to achieve a required level of confidence that software systems and services function in the intended manner. 1.3 Security Example...that took three high-voltage lines out of service and a software fail- ure (a race condition3) that disabled the computing service that notified the... service had failed. Instead of analyzing the details of the alarm server failure, the reviewers asked why the following software assurance claim had

40 CFR 80.583 - What alternative sampling and testing requirements apply to importers who transport motor vehicle...

Code of Federal Regulations, 2010 CFR

2010-07-01

... applicable. (b) Quality assurance program. The importer must conduct a quality assurance program, as specified in this paragraph (b), for each truck or rail car loading terminal. (1) Quality assurance samples... an independent laboratory, and the terminal operator must not know in advance when samples are to be...

Metrology: Measurement Assurance Program Guidelines

NASA Technical Reports Server (NTRS)

Eicke, W. G.; Riley, J. P.; Riley, K. J.

1995-01-01

The 5300.4 series of NASA Handbooks for Reliability and Quality Assurance Programs have provisions for the establishment and utilization of a documented metrology system to control measurement processes and to provide objective evidence of quality conformance. The intent of these provisions is to assure consistency and conformance to specifications and tolerances of equipment, systems, materials, and processes procured and/or used by NASA, its international partners, contractors, subcontractors, and suppliers. This Measurement Assurance Program (MAP) guideline has the specific objectives to: (1) ensure the quality of measurements made within NASA programs; (2) establish realistic measurement process uncertainties; (3) maintain continuous control over the measurement processes; and (4) ensure measurement compatibility among NASA facilities. The publication addresses MAP methods as applied within and among NASA installations and serves as a guide to: control measurement processes at the local level (one facility); conduct measurement assurance programs in which a number of field installations are joint participants; and conduct measurement integrity (round robin) experiments in which a number of field installations participate to assess the overall quality of particular measurement processes at a point in time.

Digital Health Services and Digital Identity in Alberta.

PubMed

McEachern, Aiden; Cholewa, David

2017-01-01

The Government of Alberta continues to improve delivery of healthcare by allowing Albertans to access their health information online. Alberta is the only province in Canada with provincial electronic health records for all its citizens. These records are currently made available to medical practitioners, but Alberta Health believes that providing Albertans access to their health records will transform the delivery of healthcare in Alberta. It is important to have a high level of assurance that the health records are provided to the correct Albertan. Alberta Health requires a way for Albertans to obtain a digital identity with a high level of identity assurance prior to releasing health records via the Personal Health Portal. Service Alberta developed the MyAlberta Digital ID program to provide a digital identity verification service. The Ministry of Health is leveraging MyAlberta Digital ID to enable Albertans to access their personal health records through the Personal Health Portal. The Government of Alberta is advancing its vision of patient-centred healthcare by enabling Albertans to access a trusted source for health information and their electronic health records using a secure digital identity.

3D Digital Legos for Teaching Security Protocols

ERIC Educational Resources Information Center

Yu, Li; Harrison, L.; Lu, Aidong; Li, Zhiwei; Wang, Weichao

2011-01-01

We have designed and developed a 3D digital Lego system as an education tool for teaching security protocols effectively in Information Assurance courses (Lego is a trademark of the LEGO Group. Here, we use it only to represent the pieces of a construction set.). Our approach applies the pedagogical methods learned from toy construction sets by…

Non-developmental item computer systems and the malicious software threat

NASA Technical Reports Server (NTRS)

Bown, Rodney L.

1991-01-01

The following subject areas are covered: a DOD development system - the Army Secure Operating System; non-development commercial computer systems; security, integrity, and assurance of service (SI and A); post delivery SI and A and malicious software; computer system unique attributes; positive feedback to commercial computer systems vendors; and NDI (Non-Development Item) computers and software safety.

Teaching Hands-On Linux Host Computer Security

ERIC Educational Resources Information Center

Shumba, Rose

2006-01-01

In the summer of 2003, a project to augment and improve the teaching of information assurance courses was started at IUP. Thus far, ten hands-on exercises have been developed. The exercises described in this article, and presented in the appendix, are based on actions required to secure a Linux host. Publicly available resources were used to…

Fluoroscopy

MedlinePlus

... through a clinical facility’s quality assurance program, are fundamental to radiation protection. More information about the principles ... as part of quality assurance program emphasizing radiation management. Health care providers who use fluoroscopy should be ...

Management of Disused Radioactive Sealed Sources in Egypt - 13512

DOE Office of Scientific and Technical Information (OSTI.GOV)

Mohamed, Y.T.; Hasan, M.A.; Lasheen, Y.F.

The future safe development of nuclear energy and progressive increasing use of sealed sources in medicine, research, industry and other fields in Egypt depends on the safe and secure management of disused radioactive sealed sources. In the past years have determined the necessity to formulate and apply the integrated management program for radioactive sealed sources to assure harmless and ecological rational management of disused sealed sources in Egypt. The waste management system in Egypt comprises operational and regulatory capabilities. Both of these activities are performed under legislations. The Hot Laboratories and Waste Management Center HLWMC, is considered as a centralizedmore » radioactive waste management facility in Egypt by law 7/2010. (authors)« less

Legal considerations in the management of cleft lip and palate.

PubMed

Berbert-Campos, Cláudia

2007-03-01

To inform professionals providing care to individuals with cleft lip and palate on the legal aspects and organizations available to protect individuals with this alteration, and to advocate that cleft lip and palate should be considered a handicap, even though it is provisional and may be rehabilitated, to assure afflicted individuals basic rights and complete personal, social, and economic welfare. Literature review on the issue, including assessment of national and international laws, doctrines, and jurisprudences; conceptual analysis of the word "handicapped" in dictionaries. Analysis included the federal constitutions of Brazil, France, Argentina, Spain, Cuba, Italy, China, Portugal, Japan, Great Britain, and Colombia, regarding the protection of handicapped people. Constitutional protection of handicapped people is a recent issue that has been addressed only in the last few decades in some countries such as Brazil, Italy, Spain, China, and Portugal. The Brazilian Federal Constitution of 1988 addresses the protection of handicapped people to assure them access to social and individual rights, freedom, security, welfare, development, equality, and justice as supreme values of a fraternal, pluralist, and prejudice-free society. Individuals with cleft lip and palate should be included in national policies for integration of handicapped people, in agreement with programs of human rights, establishing a collaborative action between state and society. This would assure their inclusion in the socioeconomic and cultural context and equal opportunities in society, without privileges or paternalism.

The FAA's Approach to Quality Assurance in the Flight Safety Analysis of Launch and Reentry Vehicles

NASA Astrophysics Data System (ADS)

Murray, Daniel P.; Weil, Andre

2010-09-01

The U.S. Federal Aviation Administration(FAA) Office of Commercial Space Transportation’s safety mission is to ensure protection of the public, property, and the national security and foreign policy interests of the United States during commercial launch and reentry activities. As part of this mission, the FAA issues licenses to the operators of launch and reentry vehicles who successfully demonstrate compliance with FAA regulations. To meet these regulations, vehicle operators submit an application that contains, among other things, flight safety analyses of their proposed missions. In the process of evaluating these submitted analyses, the FAA often conducts its own independent analyses, using input data from the submitted license application. These analyses are conducted according to approved procedures using industry developed tools. To assist in achieving the highest levels of quality in these independent analyses, the FAA has developed a quality assurance program that consists of multiple levels of review. These reviews rely on the work of multiple teams, as well as additional, independently performed work of support contractors. This paper describes the FAA’s quality assurance process for flight safety analyses. Members of the commercial space industry may find that elements of this process can be easily applied to their own analyses, improving the quality of the material they submit to the FAA in their license applications.

75 FR 67433 - Federal Fiscal Year 2011 Annual List of Certifications and Assurances for Federal Transit...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-11-02

...Pursuant to 49 U.S.C. 5323(n), FTA is authorized to consolidate the certifications and assurances required by Federal law or regulations for its programs into a single document. FTA is also required by 49 U.S.C. 5323(n) to publish a list of those certifications and assurances annually. Appendix A of this Notice contains the comprehensive compilation of FTA's Certifications and Assurances applicable to the various Federal assistance programs that FTA will administer during Federal FY 2011. FTA's Certifications and Assurances for Federal FY 2011 reflect Federal statutory, regulatory, and programmatic changes that have now become effective.

Quality Assurance for Higher Education Franchising.

ERIC Educational Resources Information Center

Yorke, Mantz

1993-01-01

The practice of "franchising" higher education programs, or provision of educational programs through vendors, is examined as it occurs in the United Kingdom as a result of recent educational policy changes. A set of principles for assuring the quality of such programs is proposed. (MSE)

32 CFR 236.1 - Purpose.

Code of Federal Regulations, 2013 CFR

2013-07-01

... DEFENSE (DOD)-DEFENSE INDUSTRIAL BASE (DIB) VOLUNTARY CYBER SECURITY AND INFORMATION ASSURANCE (CS/IA) ACTIVITIES § 236.1 Purpose. Cyber threats to DIB unclassified information systems represent an unacceptable...

32 CFR 236.1 - Purpose.

Code of Federal Regulations, 2012 CFR

2012-07-01

... DEFENSE (DOD)-DEFENSE INDUSTRIAL BASE (DIB) VOLUNTARY CYBER SECURITY AND INFORMATION ASSURANCE (CS/IA) ACTIVITIES § 236.1 Purpose. Cyber threats to DIB unclassified information systems represent an unacceptable...

48 CFR 239.7100 - Scope of subpart.

Code of Federal Regulations, 2010 CFR

2010-10-01

... OF DEFENSE SPECIAL CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Security and Privacy for Computer Systems 239.7100 Scope of subpart. This subpart includes information assurance and...

48 CFR 239.7100 - Scope of subpart.

Code of Federal Regulations, 2014 CFR

2014-10-01

... OF DEFENSE SPECIAL CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Security and Privacy for Computer Systems 239.7100 Scope of subpart. This subpart includes information assurance and...

48 CFR 239.7100 - Scope of subpart.

Code of Federal Regulations, 2011 CFR

2011-10-01

... OF DEFENSE SPECIAL CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Security and Privacy for Computer Systems 239.7100 Scope of subpart. This subpart includes information assurance and...

48 CFR 239.7100 - Scope of subpart.

Code of Federal Regulations, 2012 CFR

2012-10-01

... OF DEFENSE SPECIAL CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Security and Privacy for Computer Systems 239.7100 Scope of subpart. This subpart includes information assurance and...

48 CFR 239.7100 - Scope of subpart.

Code of Federal Regulations, 2013 CFR

2013-10-01

... OF DEFENSE SPECIAL CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Security and Privacy for Computer Systems 239.7100 Scope of subpart. This subpart includes information assurance and...

DOE Office of Scientific and Technical Information (OSTI.GOV)

Kegel, T.M.

Calibration laboratories are faced with the need to become accredited or registered to one or more quality standards. One requirement common to all of these standards is the need to have in place a measurement assurance program. What is a measurement assurance program? Brian Belanger, in Measurement Assurance Programs: Part 1, describes it as a {open_quotes}quality assurance program for a measurement process that quantifies the total uncertainty of the measurements (both random and systematic components of error) with respect to national or designated standards and demonstrates that the total uncertainty is sufficiently small to meet the user`s requirements.{close_quotes} Rolf Schumachermore » is more specific in Measurement Assurance in Your Own Laboratory. He states, {open_quotes}Measurement assurance is the application of broad quality control principles to measurements of calibrations.{close_quotes} Here, the focus is on one important part of any measurement assurance program: implementation of statistical process control (SPC). Paraphrasing Juran`s Quality Control Handbook, a process is in statistical control if the only observed variations are those that can be attributed to random causes. Conversely, a process that exhibits variations due to assignable causes is not in a state of statistical control. Finally, Carrol Croarkin states, {open_quotes}In the measurement assurance context the measurement algorithm including instrumentation, reference standards and operator interactions is the process that is to be controlled, and its direct product is the measurement per se. The measurements are assumed to be valid if the measurement algorithm is operating in a state of control.{close_quotes} Implicit in this statement is the important fact that an out-of-control process cannot produce valid measurements. 7 figs.« less

International Safeguards and the Pacific Northwest National Laboratory

DOE Office of Scientific and Technical Information (OSTI.GOV)

Olsen, Khris B.; Smith, Leon E.; Frazar, Sarah L.

Established in 1965, Pacific Northwest National Laboratory’s (PNNL) strong technical ties and shared heritage with the nearby U.S. Department of Energy Hanford Site were central to the early development of expertise in nuclear fuel cycle signatures, separations chemistry, plutonium chemistry, environmental monitoring, modeling and analysis of reactor systems, and nuclear material safeguards and security. From these Hanford origins, PNNL has grown into a multi-program science and engineering enterprise that utilizes this diversity to strengthen the international safeguards regime. Today, PNNL supports the International Atomic Energy Agency (IAEA) in its mission to provide assurances to the international community that nations domore » not use nuclear materials and equipment outside of peaceful uses. PNNL also serves in the IAEA’s Network of Analytical Laboratories (NWAL) by providing analysis of environmental samples gathered around the world. PNNL is involved in safeguards research and development activities in support of many U.S. Government programs such as the National Nuclear Security Administration’s (NNSA) Office of Research and Development, NNSA Office of Nonproliferation and Arms Control, and the U.S. Support Program to IAEA Safeguards. In addition to these programs, PNNL invests internal resources including safeguards-specific training opportunities for staff, and laboratory-directed research and development funding to further ideas that may grow into new capabilities. This paper and accompanying presentation highlight some of PNNL’s contributions in technology development, implementation concepts and approaches, policy, capacity building, and human capital development, in the field of international safeguards.« less

40 CFR 51.366 - Data analysis and reporting.

Code of Federal Regulations, 2010 CFR

2010-07-01

... monitoring and evaluation of the program by program management and EPA, and shall provide information... and effectiveness evaluations of the enforcement mechanism, the quality assurance system, the quality... vehicles receiving a mass emissions test. (b) Quality assurance report. The program shall submit to EPA by...

78 FR 68505 - Enhancing Protections Afforded Customers and Customer Funds Held by Futures Commission Merchants...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-11-14

...The Commodity Futures Trading Commission (``Commission'' or ``CFTC'') is adopting new regulations and amending existing regulations to require enhanced customer protections, risk management programs, internal monitoring and controls, capital and liquidity standards, customer disclosures, and auditing and examination programs for futures commission merchants (``FCMs''). The regulations also address certain related issues concerning derivatives clearing organizations (``DCOs'') and chief compliance officers (``CCOs''). The final rules will afford greater assurances to market participants that: Customer segregated funds, secured amount funds, and cleared swaps funds are protected; customers are provided with appropriate notice of the risks of futures trading and of the FCMs with which they may choose to do business; FCMs are monitoring and managing risks in a robust manner; the capital and liquidity of FCMs are strengthened to safeguard their continued operations; and the auditing and examination programs of the Commission and the self- regulatory organizations (``SROs'') are monitoring the activities of FCMs in a prudent and thorough manner.

32 CFR 236.1 - Purpose.

Code of Federal Regulations, 2014 CFR

2014-07-01

... DEFENSE (DoD)-DEFENSE INDUSTRIAL BASE (DIB) VOLUNTARY CYBER SECURITY AND INFORMATION ASSURANCE (CS/IA) ACTIVITIES § 236.1 Purpose. Cyber threats to DIB unclassified information systems represent an unacceptable...

32 CFR 236.3 - Policy.

Code of Federal Regulations, 2012 CFR

2012-07-01

... DEFENSE (DOD)-DEFENSE INDUSTRIAL BASE (DIB) VOLUNTARY CYBER SECURITY AND INFORMATION ASSURANCE (CS/IA... systems. (b) Increase the Government and DIB situational awareness of the extent and severity of cyber...

32 CFR 236.3 - Policy.

Code of Federal Regulations, 2013 CFR

2013-07-01

... DEFENSE (DOD)-DEFENSE INDUSTRIAL BASE (DIB) VOLUNTARY CYBER SECURITY AND INFORMATION ASSURANCE (CS/IA... systems. (b) Increase the Government and DIB situational awareness of the extent and severity of cyber...

The myth of secure computing.

PubMed

Austin, Robert D; Darby, Christopher A

2003-06-01

Few senior executives pay a whole lot of attention to computer security. They either hand off responsibility to their technical people or bring in consultants. But given the stakes involved, an arm's-length approach is extremely unwise. According to industry estimates, security breaches affect 90% of all businesses every year and cost some $17 billion. Fortunately, the authors say, senior executives don't need to learn about the more arcane aspects of their company's IT systems in order to take a hands-on approach. Instead, they should focus on the familiar task of managing risk. Their role should be to assess the business value of their information assets, determine the likelihood that those assets will be compromised, and then tailor a set of risk abatement processes to their company's particular vulnerabilities. This approach, which views computer security as an operational rather than a technical challenge, is akin to a classic quality assurance program in that it attempts to avoid problems rather than fix them and involves all employees, not just IT staffers. The goal is not to make computer systems completely secure--that's impossible--but to reduce the business risk to an acceptable level. This article looks at the types of threats a company is apt to face. It also examines the processes a general manager should spearhead to lessen the likelihood of a successful attack. The authors recommend eight processes in all, ranging from deciding how much protection each digital asset deserves to insisting on secure software to rehearsing a response to a security breach. The important thing to realize, they emphasize, is that decisions about digital security are not much different from other cost-benefit decisions. The tools general managers bring to bear on other areas of the business are good models for what they need to do in this technical space.

Software Assurance Curriculum Project Volume 3: Master of Software Assurance Course Syllabi

DTIC Science & Technology

2011-07-01

and International Electrotechnical Commission ( ISO /IEC). ISO /IEC 27002 :2005 Information Technology – Security Techniques – Code of Practice for...Compliance and Policy (CP) practice • [ ISO 2008] ISO 27002 Section 15 Research and identify (or develop) an example of policy language that...Microsoft SDL • [Merkow 2010] Chapters 5, 6, 8 • [ ISO 2008] ISO 27002 Sections 12.1-12.5 Identify practices to mitigate selected risks for sample

Intelligent cloud computing security using genetic algorithm as a computational tools

NASA Astrophysics Data System (ADS)

Razuky AL-Shaikhly, Mazin H.

2018-05-01

An essential change had occurred in the field of Information Technology which represented with cloud computing, cloud giving virtual assets by means of web yet awesome difficulties in the field of information security and security assurance. Currently main problem with cloud computing is how to improve privacy and security for cloud “cloud is critical security”. This paper attempts to solve cloud security by using intelligent system with genetic algorithm as wall to provide cloud data secure, all services provided by cloud must detect who receive and register it to create list of users (trusted or un-trusted) depend on behavior. The execution of present proposal has shown great outcome.

Quality-assurance plan for water-resources activities of the U.S. Geological Survey in Idaho

USGS Publications Warehouse

Packard, F.A.

1996-01-01

To ensure continued confidence in its products, the Water Resources Division of the U.S. Geological Survey implemented a policy that all its scientific work be performed in accordance with a centrally managed quality-assurance program. This report establishes and documents a formal policy for current (1995) quality assurance within the Idaho District of the U.S. Geological Survey. Quality assurance is formalized by describing district organization and operational responsibilities, documenting the district quality-assurance policies, and describing district functions. The districts conducts its work through offices in Boise, Idaho Falls, Twin Falls, Sandpoint, and at the Idaho National Engineering Laboratory. Data-collection programs and interpretive studies are conducted by two operating units, and operational and technical assistance is provided by three support units: (1) Administrative Services advisors provide guidance on various personnel issues and budget functions, (2) computer and reports advisors provide guidance in their fields, and (3) discipline specialists provide technical advice and assistance to the district and to chiefs of various projects. The district's quality-assurance plan is based on an overall policy that provides a framework for defining the precision and accuracy of collected data. The plan is supported by a series of quality-assurance policy statements that describe responsibilities for specific operations in the district's program. The operations are program planning; project planning; project implementation; review and remediation; data collection; equipment calibration and maintenance; data processing and storage; data analysis, synthesis, and interpretation; report preparation and processing; and training. Activities of the district are systematically conducted under a hierarchy of supervision an management that is designed to ensure conformance with Water Resources Division goals quality assurance. The district quality-assurance plan does not describe detailed technical activities that are commonly termed "quality-control procedures." Instead, it focuses on current policies, operations, and responsibilities that are implemented at the management level. Contents of the plan will be reviewed annually and updated as programs and operations change.

Development and implementation of a quality assurance infrastructure in a multisite home visitation program in Ohio and Kentucky.

PubMed

Ammerman, Robert T; Putnam, Frank W; Kopke, Jonathan E; Gannon, Thomas A; Short, Jodie A; Van Ginkel, Judith B; Clark, Margaret J; Carrozza, Mark A; Spector, Alan R

2007-01-01

As home visitation programs go to scale, numerous challenges are faced in implementation and quality assurance. This article describes the origins and implementation of Every Child Succeeds, a multisite home visitation program in southwestern Ohio and Northern Kentucky. In order to optimize quality assurance and generate new learning for the field, a Web-based system (eECS) was designed to systematically collect and use data. Continuous quality assurance procedures derived from business and industry have been established. Findings from data collection have documented outcomes, and have identified clinical needs that potentially undermine the impact of home visitation. An augmented module approach has been used to address these needs, and a program to treat maternal depression is described as an example of this approach. Challenges encountered are also discussed.

The quality assurance-risk management interface.

PubMed

Little, N

1992-08-01

Involvement with both risk management and quality assurance programs has led many authors to the conclusion that the fundamental differences between these activities are, in fact, very small. "At the point of overlap, it is almost impossible to distinguish the purposes and methods of both functions from one another." "Good risk management includes real improvement in patient care through organized quality assurance activities." The interface between a proactive risk management program and a quality assurance program is dynamic and can serve the legitimate interests of both. There is little to be gained by thinking of them as separate entities and much to be gained by sharing the lessons of both. If one thinks of risk management in terms of "risk" to quality patient care, and that "assuring quality" is the most productive type of risk management, then there is no practical reason to separate one from the other.

Food fortification: issues on quality assurance and impact evaluation in developing countries.

PubMed

Florentino, R

2003-01-01

Quality assurance and impact evaluation are essential components of a food fortification program and should be integrated in the fortification process. Quality assurance will ensure that the micronutrient meant to be delivered is indeed reaching the target population at the correct level. Impact evaluation will determine the effectiveness of food fortification as a strategy in controlling micronutrient deficiency and enable program planners to make decisions on the future of the program. In developing countries, both quality assurance and impact evaluation are often constrained not only by inadequacy of facilities as well as financial and manpower resources, but by unclear definition of objectives and inappropriate design. It is therefore necessary to consider the target audience for the quality assurance monitoring and impact evaluation in order to clearly define their objectives and in turn suit the design to these objectives, at the same time as the limitations in financial and manpower resources are considered.

10 CFR 76.93 - Quality assurance.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 10 Energy 2 2010-01-01 2010-01-01 false Quality assurance. 76.93 Section 76.93 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safety § 76.93 Quality assurance. The Corporation shall establish, maintain, and execute a quality assurance program satisfying each of...

10 CFR 76.93 - Quality assurance.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 10 Energy 2 2013-01-01 2013-01-01 false Quality assurance. 76.93 Section 76.93 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safety § 76.93 Quality assurance. The Corporation shall establish, maintain, and execute a quality assurance program satisfying each of...

10 CFR 76.93 - Quality assurance.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 10 Energy 2 2012-01-01 2012-01-01 false Quality assurance. 76.93 Section 76.93 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safety § 76.93 Quality assurance. The Corporation shall establish, maintain, and execute a quality assurance program satisfying each of...

10 CFR 76.93 - Quality assurance.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 10 Energy 2 2014-01-01 2014-01-01 false Quality assurance. 76.93 Section 76.93 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safety § 76.93 Quality assurance. The Corporation shall establish, maintain, and execute a quality assurance program satisfying each of...

10 CFR 76.93 - Quality assurance.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 10 Energy 2 2011-01-01 2011-01-01 false Quality assurance. 76.93 Section 76.93 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safety § 76.93 Quality assurance. The Corporation shall establish, maintain, and execute a quality assurance program satisfying each of...

Quality assurance programs for pressure ulcers.

PubMed

Xakellis, G C

1997-08-01

Traditional medical quality assurance programs are beginning to incorporate the principles of continuous quality improvement pioneered by Juran and Deming. Strategies for incorporating these principles into a long-term care facility are described, and two examples of successful implementation of continuous quality improvement programs for pressure ulcers are presented.

32 CFR 236.3 - Policy.

Code of Federal Regulations, 2014 CFR

2014-07-01

... DEFENSE (DoD)-DEFENSE INDUSTRIAL BASE (DIB) VOLUNTARY CYBER SECURITY AND INFORMATION ASSURANCE (CS/IA... systems. (b) Increase the Government and DIB situational awareness of the extent and severity of cyber...

The Department of Defense Information Security Process: A Study of Change Acceptance and Past-Performance-Based Outsourcing

ERIC Educational Resources Information Center

Hackney, Dennis W. G.

2011-01-01

Subchapter III of Chapter 35 of Title 44, United States Code, Federal Information Security Management Act of 2002; Department of Defense (DoD) Directive 8500.01E, Information Assurance, October 24, 2002; DoD Directive 8100.1, Global Information Grid Overarching Policy, September 19, 2002; and DoD Instruction 8500.2, Information Assurance…

R&D100: IC ID

ScienceCinema

Hamlet, Jason; Pierson, Lyndon; Bauer, Todd

2018-06-25

Supply chain security to detect, deter, and prevent the counterfeiting of networked and stand-alone integrated circuits (ICs) is critical to cyber security. Sandia National Laboratory researchers have developed IC ID to leverage Physically Unclonable Functions (PUFs) and strong cryptographic authentication to create a unique fingerprint for each integrated circuit. IC ID assures the authenticity of ICs to prevent tampering or malicious substitution.

[A security protocol for the exchange of personal medical data via Internet: monitoring treatment and drug effects].

PubMed

Viviani, R; Fischer, J; Spitzer, M; Freudenmann, R W

2004-04-01

We present a security protocol for the exchange of medical data via the Internet, based on the type/domain model. We discuss two applications of the protocol: in a system for the exchange of data for quality assurance, and in an on-line database of adverse reactions to drug use. We state that a type/domain security protocol can successfully comply with the complex requirements for data privacy and accessibility typical of such applications.

Extending AADL for Security Design Assurance of Cyber Physical Systems

DTIC Science & Technology

2015-12-16

a detailed system architecture design of a CPS can be analyzed using AADL to prevent such types of CWEs. We divided the work into two tasks as...security modeling to CPSs, and develop a case study to show how formal modeling using AADL could be applied to a CPS to improve the security design of the... CPS . These examples of recent attacks against automobiles have been reported:  A wireless device used by Progressive Insurance to gather information

Assessment of the NASA Flight Assurance Review Program

NASA Technical Reports Server (NTRS)

Holmes, J.; Pruitt, G.

1983-01-01

The NASA flight assurance review program to develop minimum standard guidelines for flight assurance reviews was assessed. Documents from NASA centers and NASA headquarters to determine current design review practices and procedures were evaluated. Six reviews were identified for the recommended minimum. The practices and procedures used at the different centers to incorporate the most effective ones into the minimum standard review guidelines were analyzed and guidelines for procedures, personnel and responsibilies, review items/data checklist, and feedback and closeout were defined. The six recommended reviews and the minimum standards guidelines developed for flight assurance reviews are presented. Observations and conclusions for further improving the NASA review and quality assurance process are outlined.

Characterizing the Breadth and Depth of Volunteer Water Monitoring Programs in the United States.

PubMed

Stepenuck, Kristine F; Genskow, Kenneth D

2018-01-01

A survey of 345 volunteer water monitoring programs in the United States was conducted to document their characteristics, and perceived level of support for data to inform natural resource management or policy decisions. The response rate of 86% provided information from 46 states. Programs represented a range of ages, budgets, objectives, scopes, and level of quality assurance, which influenced data uses and perceived support by sponsoring agency administrators and external decision makers. Most programs focused on rivers, streams, and lakes. Programs had not made substantial progress to develop EPA or state-approved quality assurance plans since 1998, with only 48% reporting such plans. Program coordinators reported feeling slightly more support for data to be used for management as compared to policy decisions. Programs with smaller budgets may be at particular risk of being perceived to lack credibility due to failure to develop quality assurance plans. Over half of programs identified as collaborative, in that volunteers assisted scientists in program design, data analysis and/or dissemination of results. Just under a third were contributory, in which volunteers primarily collected data in a scientist-defined program. Recommendations to improve perceived data credibility, and to augment limited budgets include developing quality assurance plans and gaining agency approval, and developing partnerships with other organizations conducting monitoring in the area to share resources and knowledge. Funding agencies should support development of quality assurance plans to help ensure data credibility. Service providers can aid in plan development by providing training to program staff over time to address high staff turnover rates.

Characterizing the Breadth and Depth of Volunteer Water Monitoring Programs in the United States

NASA Astrophysics Data System (ADS)

Stepenuck, Kristine F.; Genskow, Kenneth D.

2018-01-01

A survey of 345 volunteer water monitoring programs in the United States was conducted to document their characteristics, and perceived level of support for data to inform natural resource management or policy decisions. The response rate of 86% provided information from 46 states. Programs represented a range of ages, budgets, objectives, scopes, and level of quality assurance, which influenced data uses and perceived support by sponsoring agency administrators and external decision makers. Most programs focused on rivers, streams, and lakes. Programs had not made substantial progress to develop EPA or state-approved quality assurance plans since 1998, with only 48% reporting such plans. Program coordinators reported feeling slightly more support for data to be used for management as compared to policy decisions. Programs with smaller budgets may be at particular risk of being perceived to lack credibility due to failure to develop quality assurance plans. Over half of programs identified as collaborative, in that volunteers assisted scientists in program design, data analysis and/or dissemination of results. Just under a third were contributory, in which volunteers primarily collected data in a scientist-defined program. Recommendations to improve perceived data credibility, and to augment limited budgets include developing quality assurance plans and gaining agency approval, and developing partnerships with other organizations conducting monitoring in the area to share resources and knowledge. Funding agencies should support development of quality assurance plans to help ensure data credibility. Service providers can aid in plan development by providing training to program staff over time to address high staff turnover rates.

Maintenance quality assurance peer exchange 2.

DOT National Transportation Integrated Search

2009-04-01

This report documents a comprehensive study of twenty three maintenance quality assurance : (MQA) programs throughout the United States and Canada. The policies and standards of : each program were synthesized to create a general assessment on the co...

EPA Finalizes Voluntary Quality Assurance Plan for Renewable Fuel Standard Program

EPA Pesticide Factsheets

The rule finalizes a voluntary third-party quality assurance program option for RINs that regulated parties may exercise as a supplement to the “buyer beware” liability as prescribed under existing regulations.

7 CFR 225.5 - Payments to State agencies and use of Program funds.

Code of Federal Regulations, 2010 CFR

2010-01-01

... the State Program management and administration plan and any other information available to FNS. If a... Program management and administration plan. (3) Funding assurance. At the time FNS approves the State's management and administration plan, the State shall be assured of receiving State administrative funding...

7 CFR 225.5 - Payments to State agencies and use of Program funds.

Code of Federal Regulations, 2011 CFR

2011-01-01

... the State Program management and administration plan and any other information available to FNS. If a... Program management and administration plan. (3) Funding assurance. At the time FNS approves the State's management and administration plan, the State shall be assured of receiving State administrative funding...

An Assessment of an Operational Educational Accountability System for Continuing Education in the Health Professions.

ERIC Educational Resources Information Center

Walsh, Patrick L.

1982-01-01

The Educational Quality Assessment and Assurance System for continuing education in health sciences includes three components to measure inputs, processes, and outcomes. They are (1) Program Coordinator Competency List, (2) Quality Assessment and Assurance Program, and (3) evaluation of educational programs. (SK)

76 FR 28443 - President's National Security Telecommunications Advisory Committee

Federal Register 2010, 2011, 2012, 2013, 2014

2011-05-17

... Government's use of cloud computing; the Federal Emergency Management Agency's NS/EP communications... Commercial Satellite Mission Assurance; and the way forward for the committee's cloud computing effort. The...

How Are the Results of Quality Assurance Programs Used to Inform Practices at a Distance Higher Education?

ERIC Educational Resources Information Center

Darojat, Ojat

2018-01-01

This paper is to examine the implementation of quality assurance (QA) programs in distance higher education. Different challenges related to the development of QA programs at a distance higher institution and how to manage and implement the programs are discussed to show how the programs have been used to ensure the survival of the institution. A…

222-S Laboratory Quality Assurance Plan. Revision 1

DOE Office of Scientific and Technical Information (OSTI.GOV)

Meznarich, H.K.

1995-07-31

This Quality Assurance Plan provides,quality assurance (QA) guidance, regulatory QA requirements (e.g., 10 CFR 830.120), and quality control (QC) specifications for analytical service. This document follows the U.S Department of Energy (DOE) issued Hanford Analytical Services Quality Assurance Plan (HASQAP). In addition, this document meets the objectives of the Quality Assurance Program provided in the WHC-CM-4-2, Section 2.1. Quality assurance elements required in the Guidelines and Specifications for Preparing Quality Assurance Program Plans (QAMS-004) and Interim Guidelines and Specifications for Preparing Quality Assurance Project Plans (QAMS-005) from the US Environmental Protection Agency (EPA) are covered throughout this document. A qualitymore » assurance index is provided in the Appendix A. This document also provides and/or identifies the procedural information that governs laboratory operations. The personnel of the 222-S Laboratory and the Standards Laboratory including managers, analysts, QA/QC staff, auditors, and support staff shall use this document as guidance and instructions for their operational and quality assurance activities. Other organizations that conduct activities described in this document for the 222-S Laboratory shall follow this QA/QC document.« less

Threats to US energy security: the challenge of Arab oil

DOE Office of Scientific and Technical Information (OSTI.GOV)

Phillips, J.

1979-08-13

Assured access to foreign oil supplies is a vital national interest of the United States which has been repeatedly jeopardized in the 1970s and one that will face additional critical challenges in the 1980s. This paper identifies and analyzes various threats to US energy security both in terms of their past use and future usability. Since the most ominous threat to US energy security is posed in connection with the Arab-Israeli conflict, the paper focuses on the Arab oil weapon, although the energy-security implications of the Iranian revolution are also assessed.

The organizational structure and governing principles of the Food and Drug Administration's Mini-Sentinel pilot program.

PubMed

Forrow, Susan; Campion, Daniel M; Herrinton, Lisa J; Nair, Vinit P; Robb, Melissa A; Wilson, Marcus; Platt, Richard

2012-01-01

The US Food and Drug Administration's Mini-Sentinel pilot program is developing an organizational structure as well as principles and policies to govern its operations. These will inform the structure and function of the eventual Sentinel System. Mini-Sentinel is a collaboration that includes 25 participating institutions. We describe the program's current organizational structure and its major principles and policies. The organization includes a coordinating center with program leadership provided by a principal investigator; a planning board and subcommittees; an operations center; and data, methods, and protocol cores. Ad hoc workgroups are created as needed. A privacy panel advises about protection of individual health information. Principles and policies are intended to ensure that Mini-Sentinel conforms to the principles of fair information practices, protects the privacy of individual health information, maintains the security and integrity of data, assures the confidentiality of proprietary information, provides accurate and timely communications, prevents or manages conflicts of interest, and preserves respect for intellectual property rights. Copyright © 2012 John Wiley & Sons, Ltd.

CDC's Evolving Approach to Emergency Response.

PubMed

Redd, Stephen C; Frieden, Thomas R

The Centers for Disease Control and Prevention (CDC) transformed its approach to preparing for and responding to public health emergencies following the anthrax attacks of 2001. The Office of Public Health Preparedness and Response, an organizational home for emergency response at CDC, was established, and 4 programs were created or greatly expanded after the anthrax attacks: (1) an emergency management program, including an Emergency Operations Center; (2) increased support of state and local health department efforts to prepare for emergencies; (3) a greatly enlarged Strategic National Stockpile of medicines, vaccines, and medical equipment; and (4) a regulatory program to assure that work done on the most dangerous pathogens and toxins is done as safely and securely as possible. Following these changes, CDC led responses to 3 major public health emergencies: the 2009-10 H1N1 influenza pandemic, the 2014-16 Ebola epidemic in West Africa, and the ongoing Zika epidemic. This article reviews the programs of CDC's Office of Public Health Preparedness, the major responses, and how these responses have resulted in changes in CDC's approach to responding to public health emergencies.

Software Assurance Challenges for the Commercial Crew Program

NASA Technical Reports Server (NTRS)

Cuyno, Patrick; Malnick, Kathy D.; Schaeffer, Chad E.

2015-01-01

This paper will provide a description of some of the challenges NASA is facing in providing software assurance within the new commercial space services paradigm, namely with the Commercial Crew Program (CCP). The CCP will establish safe, reliable, and affordable access to the International Space Station (ISS) by purchasing a ride from commercial companies. The CCP providers have varying experience with software development in safety-critical space systems. NASA's role in providing effective software assurance support to the CCP providers is critical to the success of CCP. These challenges include funding multiple vehicles that execute in parallel and have different rules of engagement, multiple providers with unique proprietary concerns, providing equivalent guidance to all providers, permitting alternates to NASA standards, and a large number of diverse stakeholders. It is expected that these challenges will exist in future programs, especially if the CCP paradigm proves successful. The proposed CCP approach to address these challenges includes a risk-based assessment with varying degrees of engagement and a distributed assurance model. This presentation will describe NASA IV&V Program's software assurance support and responses to these challenges.

42 CFR 457.130 - Civil rights assurance.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 42 Public Health 4 2013-10-01 2013-10-01 false Civil rights assurance. 457.130 Section 457.130...; State Plans for Child Health Insurance Programs and Outreach Strategies § 457.130 Civil rights assurance. The State plan must include an assurance that the State will comply with all applicable civil rights...

42 CFR 457.130 - Civil rights assurance.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 42 Public Health 4 2011-10-01 2011-10-01 false Civil rights assurance. 457.130 Section 457.130...; State Plans for Child Health Insurance Programs and Outreach Strategies § 457.130 Civil rights assurance. The State plan must include an assurance that the State will comply with all applicable civil rights...

42 CFR 457.130 - Civil rights assurance.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 42 Public Health 4 2014-10-01 2014-10-01 false Civil rights assurance. 457.130 Section 457.130...; State Plans for Child Health Insurance Programs and Outreach Strategies § 457.130 Civil rights assurance. The State plan must include an assurance that the State will comply with all applicable civil rights...

42 CFR 457.130 - Civil rights assurance.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 42 Public Health 4 2012-10-01 2012-10-01 false Civil rights assurance. 457.130 Section 457.130...; State Plans for Child Health Insurance Programs and Outreach Strategies § 457.130 Civil rights assurance. The State plan must include an assurance that the State will comply with all applicable civil rights...

40 CFR 194.22 - Quality assurance.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 40 Protection of Environment 24 2010-07-01 2010-07-01 false Quality assurance. 194.22 Section 194... General Requirements § 194.22 Quality assurance. (a)(1) As soon as practicable after April 9, 1996, the Department shall adhere to a quality assurance program that implements the requirements of ASME NQA-1-1989...

42 CFR 441.474 - Quality assurance and improvement plan.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 42 Public Health 4 2010-10-01 2010-10-01 false Quality assurance and improvement plan. 441.474... SERVICES Optional Self-Directed Personal Assistance Services Program § 441.474 Quality assurance and improvement plan. (a) The State must provide a quality assurance and improvement plan that describes the State...

42 CFR 441.474 - Quality assurance and improvement plan.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 42 Public Health 4 2011-10-01 2011-10-01 false Quality assurance and improvement plan. 441.474... SERVICES Optional Self-Directed Personal Assistance Services Program § 441.474 Quality assurance and improvement plan. (a) The State must provide a quality assurance and improvement plan that describes the State...

42 CFR 441.474 - Quality assurance and improvement plan.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 42 Public Health 4 2013-10-01 2013-10-01 false Quality assurance and improvement plan. 441.474... SERVICES Optional Self-Directed Personal Assistance Services Program § 441.474 Quality assurance and improvement plan. (a) The State must provide a quality assurance and improvement plan that describes the State...

42 CFR 441.474 - Quality assurance and improvement plan.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 42 Public Health 4 2012-10-01 2012-10-01 false Quality assurance and improvement plan. 441.474... SERVICES Optional Self-Directed Personal Assistance Services Program § 441.474 Quality assurance and improvement plan. (a) The State must provide a quality assurance and improvement plan that describes the State...

42 CFR 441.474 - Quality assurance and improvement plan.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 42 Public Health 4 2014-10-01 2014-10-01 false Quality assurance and improvement plan. 441.474... SERVICES Optional Self-Directed Personal Assistance Services Program § 441.474 Quality assurance and improvement plan. (a) The State must provide a quality assurance and improvement plan that describes the State...

Quality Assurance Planning for Region 9

EPA Pesticide Factsheets

The ultimate success of an environmental program or project depends on the quality of the environmental data collected and used in decision-making. EPA has developed guidances to help state and tribal governments develop Quality Assurance Program Plans.

Aviation Safety: Efforts to Implement Flight Operational Quality Assurance Programs

DOT National Transportation Integrated Search

1997-12-01

Flight Operational Quality Assurance (FOQA) programs seek to use flight data to : detect technical flaws, unsafe practices, or conditions outside of desired : operating procedures early enough to allow timely intervention to avert : accidents or inci...

Development of a multihospital pharmacy quality assurance program.

PubMed

Hoffmann, R P; Ravin, R; Colaluca, D M; Gifford, R; Grimes, D; Grzegorczyk, R; Keown, F; Kuhr, F; McKay, R; Peyser, J; Ryan, R; Zalewski, C

1980-07-01

Seven community hospitals have worked cooperatively for 18 months to develop an initial hospital pharmacy quality assurance program. Auditing criteria were developed for nine service areas corresponding to the model program developed by the American Society of Hospital Pharmacists. Current plans are to implement and modify this program as required at each participating hospital. Follow-up programs will also be essential to a functional, ongoing program, and these will be developed in the future.

An Evaluation of the ELNP e-Learning Quality Assurance Program: Perspectives of Gap Analysis and Innovation Diffusion

ERIC Educational Resources Information Center

Chen, Ming-Puu

2009-01-01

The purpose of this study was to examine the appropriateness of a nationwide quality assurance framework for e-learning from participants' perspectives. Two types of quality evaluation programs were examined in this study, including the e-Learning Service Certification program (eLSC) and the e-Learning Courseware Certification program (eLCC). Gap…

15 CFR 996.32 - Appeals.

Code of Federal Regulations, 2010 CFR

2010-01-01

... AND ATMOSPHERIC ADMINISTRATION, DEPARTMENT OF COMMERCE QUALITY ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES QUALITY ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES Other Quality Assurance Program Matters § 996.32 Appeals. (a...

14 CFR 13.401 - Flight Operational Quality Assurance Program: Prohibition against use of data for enforcement...

Code of Federal Regulations, 2010 CFR

2010-01-01

... Administrator. (f) Disclosure. FOQA data and aggregate FOQA data, if submitted in accordance with an order... Program: Prohibition against use of data for enforcement purposes. 13.401 Section 13.401 Aeronautics and... Assurance Program: Prohibition against use of data for enforcement purposes. (a) Applicability. This section...

Secure Embedded System Design Methodologies for Military Cryptographic Systems

DTIC Science & Technology

2016-03-31

Fault- Tree Analysis (FTA); Built-In Self-Test (BIST) Introduction Secure access-control systems restrict operations to authorized users via methods...failures in the individual software/processor elements, the question of exactly how unlikely is difficult to answer. Fault- Tree Analysis (FTA) has a...Collins of Sandia National Laboratories for years of sharing his extensive knowledge of Fail-Safe Design Assurance and Fault- Tree Analysis

Implementing Information Assurance - Beyond Process

DTIC Science & Technology

2009-01-01

disabled or properly configured. Tools and scripts are available to expedite the configuration process on some platforms, For example, approved Windows...in the System Security Plan (SSP) or Information Security Plan (lSP). Any PPSs not required for operation by the system must be disabled , This...Services must be disabled , Implementing an 1M capability within the boundary carries many policy and documentation requirements. Usemame and passwords

A Call to IS Educators to Respond to the Voices of Women in Information Security

ERIC Educational Resources Information Center

Woszczynski, Amy B.; Shade, Sherri

2010-01-01

Much prior research has examined the dearth of women in the IT industry. The purpose of this study is to examine the perceptions of women in IT within the context of information security and assurance. This paper describes results from a study of a relatively new career path to see if there are female-friendly opportunities that have not existed…

Quality program plan for the Ultraviolet Spectrometer Experiment S169, Revision C

NASA Technical Reports Server (NTRS)

Vinson, W. W.

1971-01-01

The quality progress plan establishes the requirements for a system of controls to assure compliance with the quality assurance requirements as set forth in NASA quality program provisions for aeronautical and space system contractors.

Implementation of Programmatic Quality and the Impact on Safety

NASA Technical Reports Server (NTRS)

Huls, Dale Thomas; Meehan, Kevin

2005-01-01

The purpose of this paper is to discuss the implementation of a programmatic quality assurance discipline within the International Space Station Program and the resulting impact on safety. NASA culture has continued to stress safety at the expense of quality when both are extremely important and both can equally influence the success or failure of a Program or Mission. Although safety was heavily criticized in the media after Colimbiaa, strong case can be made that it was the failure of quality processes and quality assurance in all processes that eventually led to the Columbia accident. Consequently, it is possible to have good quality processes without safety, but it is impossible to have good safety processes without quality. The ISS Program quality assurance function was analyzed as representative of the long-term manned missions that are consistent with the President s Vision for Space Exploration. Background topics are as follows: The quality assurance organizational structure within the ISS Program and the interrelationships between various internal and external organizations. ISS Program quality roles and responsibilities with respect to internal Program Offices and other external organizations such as the Shuttle Program, JSC Directorates, NASA Headquarters, NASA Contractors, other NASA Centers, and International Partner/participants will be addressed. A detailed analysis of implemented quality assurance responsibilities and functions with respect to NASA Headquarters, the JSC S&MA Directorate, and the ISS Program will be presented. Discussions topics are as follows: A comparison of quality and safety resources in terms of staffing, training, experience, and certifications. A benchmark assessment of the lessons learned from the Columbia Accident Investigation (CAB) Report (and follow-up reports and assessments), NASA Benchmarking, and traditional quality assurance activities against ISS quality procedures and practices. The lack of a coherent operational and sustaining quality assurance strategy for long-term manned space flight. An analysis of the ISS waiver processes and the Problem Reporting and Corrective Action (PRACA) process implemented as quality functions. Impact of current ISS Program procedures and practices with regards to operational safety and risk A discussion regarding a "defense-in-depth" approach to quality functions will be provided to address the issue of "integration vs independence" with respect to the roles of Programs, NASA Centers, and NASA Headquarters. Generic recommendations are offered to address the inadequacies identified in the implementation of ISS quality assurance. A reassessment by the NASA community regarding the importance of a "quality culture" as a component within a larger "safety culture" will generate a more effective and value-added functionality that will ultimately enhance safety.

Assessment Report Sandia National Laboratories Fuel Cycle Technologies Quality Assurance Evaluation of FY15 SNL FCT M2 Milestone Deliverables

DOE Office of Scientific and Technical Information (OSTI.GOV)

Appel, Gordon John

Sandia National Laboratories (SNL) Fuel Cycle Technologies (FCT) program activities are conducted in accordance with FCT Quality Assurance Program Document (FCT-QAPD) requirements. The FCT-QAPD interfaces with SNL approved Quality Assurance Program Description (SNL-QAPD) as explained in the Sandia National Laboratories QA Program Interface Document for FCT Activities (Interface Document). This plan describes SNL's FY16 assessment of SNL's FY15 FCT M2 milestone deliverable's compliance with program QA requirements, including SNL R&A requirements. The assessment is intended to confirm that SNL's FY15 milestone deliverables contain the appropriate authenticated review documentation and that there is a copy marked with SNL R&A numbers.

Education for All in South Africa: Developing a National System for Quality Assurance.

ERIC Educational Resources Information Center

Smith, William J.; Ngoma-Maema, Wendy Yolisa

2003-01-01

Draws on international research, policy, and practice relevant to quality assurance systems to analyze the development of a national framework for educational quality assurance in South Africa. Describes an emerging framework for quality assurance that encompasses evaluation of student achievement, quality audits and reviews, program and service…

34 CFR 364.24 - What assurances are required for staff development?

Code of Federal Regulations, 2011 CFR

2011-07-01

... 34 Education 2 2011-07-01 2010-07-01 true What assurances are required for staff development? 364... Requirements? § 364.24 What assurances are required for staff development? The State plan must assure that the service provider establishes and maintains a program of staff development for all classes of positions...

34 CFR 364.24 - What assurances are required for staff development?

Code of Federal Regulations, 2010 CFR

2010-07-01

... 34 Education 2 2010-07-01 2010-07-01 false What assurances are required for staff development? 364... Requirements? § 364.24 What assurances are required for staff development? The State plan must assure that the service provider establishes and maintains a program of staff development for all classes of positions...

41 CFR 101-25.101-3 - Supply through consolidated purchase for direct delivery to use points.

Code of Federal Regulations, 2011 CFR

2011-07-01

... Property Management Federal Property Management Regulations System FEDERAL PROPERTY MANAGEMENT REGULATIONS... to assure adequate supply. (4) Where contracts for production quantities are necessary to secure...

41 CFR 101-25.101-3 - Supply through consolidated purchase for direct delivery to use points.

Code of Federal Regulations, 2014 CFR

2014-07-01

... Property Management Federal Property Management Regulations System FEDERAL PROPERTY MANAGEMENT REGULATIONS... to assure adequate supply. (4) Where contracts for production quantities are necessary to secure...

Infrared sensing of non-observable human biometrics

NASA Astrophysics Data System (ADS)

Willmore, Michael R.

2005-05-01

Interest and growth of biometric recognition technologies surged after 9/11. Once a technology mainly used for identity verification in law enforcement, biometrics are now being considered as a secure means of providing identity assurance in security related applications. Biometric recognition in law enforcement must, by necessity, use attributes of human uniqueness that are both observable and vulnerable to compromise. Privacy and protection of an individual's identity is not assured during criminal activity. However, a security system must rely on identity assurance for access control to physical or logical spaces while not being vulnerable to compromise and protecting the privacy of an individual. The solution resides in the use of non-observable attributes of human uniqueness to perform the biometric recognition process. This discussion will begin by presenting some key perspectives about biometric recognition and the characteristic differences between observable and non-observable biometric attributes. An introduction to the design, development, and testing of the Thermo-ID system will follow. The Thermo-ID system is an emerging biometric recognition technology that uses non-observable patterns of infrared energy naturally emanating from within the human body. As with all biometric systems, the infrared patterns recorded and compared within the Thermo-ID system are unique and individually distinguishable permitting a link to be confirmed between an individual and a claimed or previously established identity. The non-observable characteristics of infrared patterns of human uniqueness insure both the privacy and protection of an individual using this type of biometric recognition system.

48 CFR 246.102 - Policy.

Code of Federal Regulations, 2010 CFR

2010-10-01

... DEFENSE CONTRACT MANAGEMENT QUALITY ASSURANCE General 246.102 Policy. Departments and agencies shall also— (1) Develop and manage a systematic, cost-effective Government contract quality assurance program to ensure that contract performance conforms to specified requirements. Apply Government quality assurance...

Quality Assurance Plans under the Renewable Fuel Standard Program

EPA Pesticide Factsheets

Quality Assurance Plan or (QAP) is a voluntary program where independent third-parties may audit and verify that RINs have been properly generated and are valid for compliance purposes. RINs verified under a QAP may be purchased by regulated parties.

Safety assurance and compliance program (SACP) : accomplishments for CY 2001

DOT National Transportation Integrated Search

2002-08-01

This recent research report by the Federal Railroad Administration (FRA), posted online, provides ease of access to information on the Safety Assurance and Compliance Program. The FRA promotes and helps ensure the safety of the nation's railroad indu...

Surface Water Quality-Assurance Plan for the North Florida Program Office of the U.S. Geological Survey

USGS Publications Warehouse

Franklin, Marvin A.

2000-01-01

The U.S. Geological Survey, Water Resources Division, has a policy that requires each District office to prepare a Surface Water Quality-Assurance Plan. The plan for each District describes the policies and procedures that ensure high quality in the collection, processing, analysis, computer storage, and publication of surface-water data. The North Florida Program Office Surface Water Quality-Assurance Plan documents the standards, policies, and procedures used by the North Florida Program office for activities related to the collection, processing, storage, analysis, and publication of surface-water data.

Safety considerations in the design and operation of large wind turbines

NASA Technical Reports Server (NTRS)

Reilly, D. H.

1979-01-01

The engineering and safety techniques used to assure the reliable and safe operation of large wind turbine generators utilizing the Mod 2 Wind Turbine System Program as an example is described. The techniques involve a careful definition of the wind turbine's natural and operating environments, use of proven structural design criteria and analysis techniques, an evaluation of potential failure modes and hazards, and use of a fail safe and redundant component engineering philosophy. The role of an effective quality assurance program, tailored to specific hardware criticality, and the checkout and validation program developed to assure system integrity are described.

DOE-OES-EML quality assurance program

DOE Office of Scientific and Technical Information (OSTI.GOV)

Sanderson, C.G.

1980-01-01

Contractor laboratories handling radioactive materials for the US Department of Energy (DOE) are required to monitor the environmental exposure and publish annual reports for the Division of Operational and Environmental Safety (OES). In order to determine the validity of the data contained in these reports the Environmental Measurements Laboratory (EML) was requested to develop, coordinate, and conduct an Environmental Quality Assurance Program (QAP). There are four major phases to the DOE-OES-EML Quality Assurance Program: sample collection and preparation, sample analyses at EML, quarterly sample distribution, and reporting the data returned by the participants. The various phases of the QAP andmore » the data reported during the first year of the program are discussed.« less

After-action review of the 2009-10 H1N1 Influenza Outbreak Response: Ohio's Public Health System's performance.

PubMed

Mase, William A; Bickford, Beth; Thomas, Casey L; Jones, Shamika D; Bisesi, Michael

In early 2009, H1N1 influenza was identified within the human population. Centers for Disease Control and Prevention (CDC) officials responded with focused assessment, policy development, and assurances. The response was mobilized through efforts including procurement of adequate vaccine supply, local area span of control, materials acquisition, and facilities and resource identification. Qualitative evaluation of the assurance functions specific to the system's ability to assure safe and healthy conditions are reported. The methodology mirrors the Homeland Security Exercise and Evaluation Program used to assess system capability. Findings demonstrate the effectiveness of community responsive disease prevention efforts in partnership with the public health systems mission to unify traditional public sector systems, for-profit systems, and local area systems was accomplished. As a result of this response pharmaceutical industries, healthcare providers, healthcare agencies, police/safety, colleges, and health and human service agencies were united. Findings demonstrate the effectiveness of community response strategies utilizing feedback from system stakeholders. After-action review processes are critical in all-hazards preparedness. This analysis of local health district response to the H1N1 influenza outbreak informs future public health service delivery. Results provide a synthesis of local health department's emergency response strategies, challenges encountered, and future-focused emergency response strategy implementation. A synthesis is provided as to policy and practice developments which have emerged over the past seven years with regard to lessons learned from the 2009-10 H1N1 influenza outbreak and response.

An Accreditation Dilemma: The Tension between Program Accountability and Program Improvement in Programmatic Accreditation

ERIC Educational Resources Information Center

Murray, Frank B.

2009-01-01

Because there is more doubt than ever before about the accomplishments of today's college graduates, the public, employers, often the graduates themselves, and others seek assurance that a program's graduates are competent and qualified. There is now the expectation that accreditation will give them that assurance. Moreover, nearly everyone seeks…

15 CFR 996.3 - Fees.

Code of Federal Regulations, 2012 CFR

2012-01-01

... ATMOSPHERIC ADMINISTRATION, DEPARTMENT OF COMMERCE QUALITY ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES QUALITY ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES General § 996.3 Fees. NOAA may charge for its Quality Assurance Program activities...

15 CFR 996.3 - Fees.

Code of Federal Regulations, 2013 CFR

2013-01-01

... ATMOSPHERIC ADMINISTRATION, DEPARTMENT OF COMMERCE QUALITY ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES QUALITY ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES General § 996.3 Fees. NOAA may charge for its Quality Assurance Program activities...

15 CFR 996.3 - Fees.

Code of Federal Regulations, 2014 CFR

2014-01-01

... ATMOSPHERIC ADMINISTRATION, DEPARTMENT OF COMMERCE QUALITY ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES QUALITY ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES General § 996.3 Fees. NOAA may charge for its Quality Assurance Program activities...

15 CFR 996.3 - Fees.

Code of Federal Regulations, 2011 CFR

2011-01-01

... ATMOSPHERIC ADMINISTRATION, DEPARTMENT OF COMMERCE QUALITY ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES QUALITY ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES General § 996.3 Fees. NOAA may charge for its Quality Assurance Program activities...

15 CFR 996.3 - Fees.

Code of Federal Regulations, 2010 CFR

2010-01-01

... ATMOSPHERIC ADMINISTRATION, DEPARTMENT OF COMMERCE QUALITY ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES QUALITY ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES General § 996.3 Fees. NOAA may charge for its Quality Assurance Program activities...

Private sector delivery of health services in developing countries: a mixed-methods study on quality assurance in social franchises.

PubMed

Schlein, Karen; De La Cruz, Anna York; Gopalakrishnan, Tisha; Montagu, Dominic

2013-01-03

Across the developing world health care services are most often delivered in the private sector and social franchising has emerged, over the past decade, as an increasingly popular method of private sector health care delivery. Social franchising aims to strengthen business practices through economies of scale: branding clinics and purchasing drugs in bulk at wholesale prices. While quality is one of the established goals of social franchising, there is no published documentation of how quality levels might be set in the context of franchised private providers, nor what quality assurance measures can or should exist within social franchises. The aim of this study was to better understand the quality assurance systems currently utilized in social franchises, and to determine if there are shared standards for practice or quality outcomes that exist across programs. The study included three data sources and levels of investigation: 1) Self-reported program data; 2) Scoping telephone interviews; and 3) In-depth field interviews and clinic visits. Social Franchises conceive of quality assurance not as an independent activity, but rather as a goal that is incorporated into all areas of franchise operations, including recruitment, training, monitoring of provider performance, monitoring of client experience and the provision of feedback. These findings are the first evidence to support the 2002 conceptual model of social franchising which proposed that the assurance of quality was one of the three core goals of all social franchises. However, while quality is important to franchise programs, quality assurance systems overall are not reflective of the evidence to-date on quality measurement or quality improvement best practices. Future research in this area is needed to better understand the details of quality assurance systems as applied in social franchise programs, the process by which quality assurance becomes a part of the organizational culture, and the components of a quality assurance system that are most correlated with improved quality of clinical care for patients.

Private sector delivery of health services in developing countries: a mixed-methods study on quality assurance in social franchises

PubMed Central

2013-01-01

Background Across the developing world health care services are most often delivered in the private sector and social franchising has emerged, over the past decade, as an increasingly popular method of private sector health care delivery. Social franchising aims to strengthen business practices through economies of scale: branding clinics and purchasing drugs in bulk at wholesale prices. While quality is one of the established goals of social franchising, there is no published documentation of how quality levels might be set in the context of franchised private providers, nor what quality assurance measures can or should exist within social franchises. The aim of this study was to better understand the quality assurance systems currently utilized in social franchises, and to determine if there are shared standards for practice or quality outcomes that exist across programs. Methods The study included three data sources and levels of investigation: 1) Self-reported program data; 2) Scoping telephone interviews; and 3) In-depth field interviews and clinic visits. Results Social Franchises conceive of quality assurance not as an independent activity, but rather as a goal that is incorporated into all areas of franchise operations, including recruitment, training, monitoring of provider performance, monitoring of client experience and the provision of feedback. Conclusions These findings are the first evidence to support the 2002 conceptual model of social franchising which proposed that the assurance of quality was one of the three core goals of all social franchises. However, while quality is important to franchise programs, quality assurance systems overall are not reflective of the evidence to-date on quality measurement or quality improvement best practices. Future research in this area is needed to better understand the details of quality assurance systems as applied in social franchise programs, the process by which quality assurance becomes a part of the organizational culture, and the components of a quality assurance system that are most correlated with improved quality of clinical care for patients. PMID:23286899

Installation Restoration Program Stage 3. McClellan Air Force Base Quality Assurance Project Plan

DTIC Science & Technology

1989-08-30

QUALITY ASSURANCE PROJECT PLAN TDTM FINAL ELECTE C\\ JAUG 3 119891 .. .. . .. 0.. ... PREPARD.FOR HEDURTR FL/E WRGTPATRO .. F... OHI.443 ........ 1N...P.E. Contract Program Manager \\ 0 RADMAN 0 TABLE OF CONTENTS Section Page 1.0 INTRODUCTION ................................................... 1 of 6...Section: 1.0 RADM Revision: 1 CO PO AIO NDate: 04/12/89 O Page 1 of 6 1.0 INTRODUCTION The Quality Assurance Project Plan (QAPP) presents in specific

The Royal College of Pathologists of Australasia Quality Assurance Program: Immunohistochemistry Breast Marker Audit Overview 2005-2015.

PubMed

Haffajee, Zenobia Ayesha Mohamed; Kumar, Beena; Francis, Glenn; Peck, Martyn; Badrick, Tony

2017-11-20

The Royal College of Pathologists of Australasia Quality Assurance Program (RCPAQAP) Anatomical Pathology provides a comprehensive External Quality Assurance (EQA) exercise to review the reporting of immunohistochemistry (IHC) and in-situ hybridization (ISH) breast markers through an audit of clinical results. The aim of this exercise was to provide information regarding the quality of breast marker testing within clinical laboratories from 2005 to 2015. This comprehensive audit included estrogen, progesterone, and HER2 marker reporting. This was an important quality assurance activity established in response to ongoing difficulties experienced in laboratories in this area of testing.

Distributed intrusion detection system based on grid security model

NASA Astrophysics Data System (ADS)

Su, Jie; Liu, Yahui

2008-03-01

Grid computing has developed rapidly with the development of network technology and it can solve the problem of large-scale complex computing by sharing large-scale computing resource. In grid environment, we can realize a distributed and load balance intrusion detection system. This paper first discusses the security mechanism in grid computing and the function of PKI/CA in the grid security system, then gives the application of grid computing character in the distributed intrusion detection system (IDS) based on Artificial Immune System. Finally, it gives a distributed intrusion detection system based on grid security system that can reduce the processing delay and assure the detection rates.

Online trust, trustworthiness, or assurance?

PubMed

Cheshire, Coye

2011-01-01

Every day, individuals around the world retrieve, share, and exchange information on the Internet. We interact online to share personal information, find answers to questions, make financial transactions, play social games, and maintain professional and personal relationships. Sometimes our online interactions take place between two or more humans. In other cases, we rely on computers to manage information on our behalf. In each scenario, risk and uncertainty are essential for determining possible actions and outcomes. This essay highlights common deficiencies in our understanding of key concepts such as trust, trustworthiness, cooperation, and assurance in online environments. Empirical evidence from experimental work in computer-mediated environments underscores the promises and perils of overreliance on security and assurance structures as replacements for interpersonal trust. These conceptual distinctions are critical because the future shape of the Internet will depend on whether we build assurance structures to limit and control ambiguity or allow trust to emerge in the presence of risk and uncertainty.

44 CFR 351.11 - Functions of committees.

Code of Federal Regulations, 2010 CFR

2010-10-01

... OF HOMELAND SECURITY PREPAREDNESS RADIOLOGICAL EMERGENCY PLANNING AND PREPAREDNESS Federal... assistance to State and local governments in their radiological emergency planning and preparedness... government radiological emergency preparedness to assure minimum duplication and maximum benefits to State...

Report: Congressional Request on EPA Enforcement Resources and Accomplishments

EPA Pesticide Factsheets

Report #2004-S-00001, October 10, 2003. Following September 11, 2001, EPA’s Office of Enforcement and Compliance Assurance (OECA) assumed additional duties in conjunction with nation-wide efforts to improve homeland security.

40 CFR 205.162-3 - Instructions for maintenance, use, and repair.

Code of Federal Regulations, 2010 CFR

2010-07-01

... and mechanics of the acts necessary to reasonably assure that degradation of noise emission level is...-technical language. (3) The instructions must not be used to secure an unfair competitive advantage. They...

A Common Criteria-Based Team Project for High Assurance Secure Systems

DTIC Science & Technology

2005-01-01

experience in the FHM, full system documentation, and plenty of time. The students had little experience and little time. The MINIX operating... MINIX is a very appropriate target for student enhancements. Since the principle objective of Secure Systems is to teach the concepts of...to construct a system when one of the developmental threats is subversion. Because students were studying MINIX in a prerequisite operating systems

Littoral Combat Ship Manpower, an Overview of Officer Characteristics and Placement

DTIC Science & Technology

2013-03-01

15. NUMBER OF PAGES 103 16. PRICE CODE 17. SECURITY CLASSIFICATION OF REPORT Unclassified 18. SECURITY CLASSIFICATION OF THIS PAGE...maritime force: 1.) Networks should be the central organizing principle of the fleet, and its sensing and fighting power should be distributed across...assured access” force; and 4.) Numbers of hulls count (quantity had its own quality) and consequently the fleet’s combat power should be

Hospital Security and Force Protection: A Guide to Ensuring Patient and Employee Safety

DTIC Science & Technology

2006-04-28

leader and set up training camps for his recruits. Through these experiences, Osama Bin Laden was able to obtain money , weapons, and develop connections...options to deter counterfeits . Hospital Security 50 Membership within community collaboratives or community-based organizations provides excellent...iris or fingerprints scans are resistant to theft and counterfeit , assuring access to only authorized personnel. Many theme parks are utilizing this

Effectiveness of the Department of Defense Information Assurance Accreditation Process

DTIC Science & Technology

2013-03-01

meeting the requirements of ISO 27001, Information Security Management System. ISO 27002 provides “security techniques” or best practices that can be...efforts to the next level and implement a recognized standard such as the International Organization for Standards ( ISO ) 27000 Series of standards...implemented by an organization as part of their certification effort.15 Most likely, the main motivation a company would have for achieving an ISO

From Fob to Noc: A Pathway to a Cyber Career for Combat Veterans

DTIC Science & Technology

2014-06-01

Assurance Certifications GS general schedule HSAC Homeland Security Advisory Council IDS intrusion detection system IP internet protocol IPS...NIPRNET non-secure internet protocol router network NIST National Institute for Standards and Technology NOC network operations center NSA National...twice a day on an irregular schedule or during contact with the enemy to keep any observing enemy wary of the force protection 13 condition at any

External quality-assurance programs managed by the U.S. Geological Survey in support of the National Atmospheric Deposition Program/National Trends Network

USGS Publications Warehouse

Latysh, Natalie E.; Wetherbee, Gregory A.

2005-01-01

The U.S. Geological Survey, Branch of Quality Systems, operates the external quality-assurance programs for the National Atmospheric Deposition Program/National Trends Network (NADP/NTN). Beginning in 1978, six different programs have been implemented?the intersite-comparison program, the blind-audit program, the sample-handling evaluation program, the field-audit program, the interlaboratory-comparison program, and the collocated-sampler program. Each program was designed to measure error contributed by specific components in the data-collection process. The intersite-comparison program, which was discontinued in 2004, was designed to assess the accuracy and reliability of field pH and specific-conductance measurements made by site operators. The blind-audit and sample-handling evaluation programs, which also were discontinued in 2002 and 2004, respectively, assessed contamination that may result from sampling equipment and routine handling and processing of the wet-deposition samples. The field-audit program assesses the effects of sample handling, processing, and field exposure. The interlaboratory-comparison program evaluates bias and precision of analytical results produced by the contract laboratory for NADP, the Illinois State Water Survey, Central Analytical Laboratory, and compares its performance with the performance of international laboratories. The collocated-sampler program assesses the overall precision of wet-deposition data collected by NADP/NTN. This report documents historical operations and the operating procedures for each of these external quality-assurance programs. USGS quality-assurance information allows NADP/NTN data users to discern between actual environmental trends and inherent measurement variability.

23 CFR 650.313 - Inspection procedures.

Code of Federal Regulations, 2010 CFR

2010-04-01

...) Quality control and quality assurance. Assure systematic quality control (QC) and quality assurance (QA... periodic field review of inspection teams, periodic bridge inspection refresher training for program managers and team leaders, and independent review of inspection reports and computations. (h) Follow-up on...

Quality assurance in materials and construction

DOT National Transportation Integrated Search

2007-06-01

This review is a product of the FHWA 2006, National Review Program (NRP). Quality Assurance (QA) was selected for review in 2006 because the program was ranked as one of the top five areas of interest for review by FHWA. Over the last 10 years an ave...

Quality Assurance and Risk Management: A Survey of Dental Schools and Recommendations for Integrated Program Management.

ERIC Educational Resources Information Center

Fredekind, Richard E.; Cuny, Eve J.; Nadershahi, Nader A.

2002-01-01

Surveyed U.S. and Canadian dental schools about integration of quality assurance (QA) and risk management (RM) and what mechanisms have been most effective in measuring accomplishments. Main findings included that a majority of schools had a written QA program and committee and many reported significant changes resulting from the program; over…

Forest Inventory and Analysis National Data Quality Assessment Report for 2000 to 2003

Treesearch

James E. Pollard; James A. Westfall; Paul L. Patterson; David L. Gartner; Mark Hansen; Olaf Kuegler

2006-01-01

The Forest Inventory and Analysis program (FIA) is the key USDA Forest Service (USFS) program that provides the information needed to assess the status and trends in the environmental quality of the Nation's forests. The goal of the FIA Quality Assurance (QA) program is to provide a framework to assure the production of complete, accurate and unbiased forest...

GSFC Safety and Mission Assurance Organization

NASA Technical Reports Server (NTRS)

Kelly, Michael P.

2010-01-01

This viewgraph presentation reviews NASA Goddard Space Flight Center's approach to safety and mission assurance. The contents include: 1) NASA GSFC Background; 2) Safety and Mission Assurance Directorate; 3) The Role of SMA-D and the Technical Authority; 4) GSFC Mission assurance Requirements; 5) GSFC Systems Review Office (SRO); 6) GSFC Supply Chain Management Program; and 7) GSFC ISO9001/AS9100 Status Brief.

10 CFR Appendix B to Part 50 - Quality Assurance Criteria for Nuclear Power Plants and Fuel Reprocessing Plants

Code of Federal Regulations, 2011 CFR

2011-01-01

... 10 Energy 1 2011-01-01 2011-01-01 false Quality Assurance Criteria for Nuclear Power Plants and... LICENSING OF PRODUCTION AND UTILIZATION FACILITIES Pt. 50, App. B Appendix B to Part 50—Quality Assurance... report a description of the quality assurance program to be applied to the design, fabrication...

78 FR 5813 - 2013 Assuring Radiation Protection

Federal Register 2010, 2011, 2012, 2013, 2014

2013-01-28

...] 2013 Assuring Radiation Protection AGENCY: Food and Drug Administration, HHS. ACTION: Notice. SUMMARY... of the Center for Devices and Radiological Health (CDRH) radiation protection program. The goal of the 2013 Assuring Radiation Protection will be to coordinate Federal, State, and Tribal activities to...

Quality Assurance in a School of Dentistry: Getting Started.

ERIC Educational Resources Information Center

Guba, Christianne J.

1990-01-01

Steps in establishment of Indiana University School of Dentistry's quality assurance program included gathering existing information on quality assurance; ascertaining administrative support; appointing a committee; defining terms and setting goals; raising awareness and commitment; designing a patient satisfaction survey; undertaking a chart…

15 CFR 996.30 - Use of the NOAA emblem.

Code of Federal Regulations, 2010 CFR

2010-01-01

...) NATIONAL OCEANIC AND ATMOSPHERIC ADMINISTRATION, DEPARTMENT OF COMMERCE QUALITY ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES QUALITY ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES Other Quality Assurance Program Matters § 996.30 Use of the...

Using RUFDATA to guide a logic model for a quality assurance process in an undergraduate university program.

PubMed

Sherman, Paul David

2016-04-01

This article presents a framework to identify key mechanisms for developing a logic model blueprint that can be used for an impending comprehensive evaluation of an undergraduate degree program in a Canadian university. The evaluation is a requirement of a comprehensive quality assurance process mandated by the university. A modified RUFDATA (Saunders, 2000) evaluation model is applied as an initiating framework to assist in decision making to provide a guide for conceptualizing a logic model for the quality assurance process. This article will show how an educational evaluation is strengthened by employing a RUFDATA reflective process in exploring key elements of the evaluation process, and then translating this information into a logic model format that could serve to offer a more focussed pathway for the quality assurance activities. Using preliminary program evaluation data from two key stakeholders of the undergraduate program as well as an audit of the curriculum's course syllabi, a case is made for, (1) the importance of inclusivity of key stakeholders participation in the design of the evaluation process to enrich the authenticity and accuracy of program participants' feedback, and (2) the diversification of data collection methods to ensure that stakeholders' narrative feedback is given ample exposure. It is suggested that the modified RUFDATA/logic model framework be applied to all academic programs at the university undergoing the quality assurance process at the same time so that economies of scale may be realized. Copyright © 2015 Elsevier Ltd. All rights reserved.

The Rockford School of Medicine Undergraduate Quality Assurance Program

ERIC Educational Resources Information Center

Barr, Daniel; And Others

1976-01-01

An undergraduate program of ambulatory care quality assurance is described which has been operational at the Rockford School of Medicine for three years. Focus is on involving students in peer review and related audit activities. Results of preliminary evaluation are reported and generalizations offered. (JT)

Quality Assurance of Non-Local Accounting Programs Conducted in Hong Kong

ERIC Educational Resources Information Center

Cheng, Mei-Ai; Leung, Noel W.

2014-01-01

This study examines the current government policy and institutional practice on quality assurance of non-local accounting programs conducted in Hong Kong. Both international guidelines, national regulations and institutional frameworks in higher education and transnational higher education, and professional practice in accounting education are…

78 FR 5857 - Agency Information Collection Activities: Requests for Comments; Clearance of Renewed Approval of...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-01-28

... Operational Quality Assurance (FOQA) Program AGENCY: Federal Aviation Administration (FAA), DOT. ACTION... 1995, FAA invites public comments about our intention to request the Office of Management and Budget... approved Flight Operational Quality Assurance (FOQA) programs to periodically provide aggregate trend...

DOE Office of Scientific and Technical Information (OSTI.GOV)

Ahn, Gail-Joon

The project seeks an innovative framework to enable users to access and selectively share resources in distributed environments, enhancing the scalability of information sharing. We have investigated secure sharing & assurance approaches for ad-hoc collaboration, focused on Grids, Clouds, and ad-hoc network environments.

48 CFR 3004.470-1 - Scope.

Code of Federal Regulations, 2010 CFR

2010-10-01

... ACQUISITION REGULATION (HSAR) GENERAL ADMINISTRATIVE MATTERS Safeguarding Classified and Sensitive Information Within Industry 3004.470-1 Scope. This section implements DHS's policies for assuring the security of unclassified facilities, Information Technology (IT) resources, and sensitive information during the...

Partitioning in Avionics Architectures: Requirements, Mechanisms, and Assurance

NASA Technical Reports Server (NTRS)

Rushby, John

1999-01-01

Automated aircraft control has traditionally been divided into distinct "functions" that are implemented separately (e.g., autopilot, autothrottle, flight management); each function has its own fault-tolerant computer system, and dependencies among different functions are generally limited to the exchange of sensor and control data. A by-product of this "federated" architecture is that faults are strongly contained within the computer system of the function where they occur and cannot readily propagate to affect the operation of other functions. More modern avionics architectures contemplate supporting multiple functions on a single, shared, fault-tolerant computer system where natural fault containment boundaries are less sharply defined. Partitioning uses appropriate hardware and software mechanisms to restore strong fault containment to such integrated architectures. This report examines the requirements for partitioning, mechanisms for their realization, and issues in providing assurance for partitioning. Because partitioning shares some concerns with computer security, security models are reviewed and compared with the concerns of partitioning.

Joint CDRH (Center for Devices and Radiological Health) and state quality-assurance surveys in nuclear medicine: Phase 2 - radiopharmaceuticals

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hamilton, D.R.; Evans, C.D.

The report discusses survey results on aspects of the quality assurance of radio-pharmaceuticals from 180 nuclear-medicine facilities in the United States. Data were collected from facilities in 8 states. Demographic information about nuclear-medicine operations and quality-assurance programs was gathered by state radiation-control-program personnel. The data collected from the survey show an incomplete acceptance of quality-assurance practices for radiopharmaceuticals. Most of the facilities in the survey indicated that, because an inferior radiopharmaceutical was prepared so infrequently, they did not believe it was cost-effective to perform extensive quality-assurance testing. The Center for Devices and Radiological Health hopes that the information from themore » survey will stimulate nuclear-medicine professionals and their organizations to encourage appropriate testing of all radiopharmaceuticals.« less

Quality Assurance and Control Considerations in Environmental Measurements and Monitoring

NASA Astrophysics Data System (ADS)

Sedlet, Jacob

1982-06-01

Quality assurance and quality control have become accepted as essential parts of all environmental surveillance, measurements, and monitoring programs, both nuclear and non-nuclear. The same principles and details apply to each. It is primarily the final measurement technique that differs. As the desire and need to measure smaller amounts of pollutants with greater accuracy has increased, it has been recognized that quality assurance and control programs are cost-effective in achieving the expected results. Quality assurance (QA) consists of all the actions necessary to provide confidence in the results. Quality control (QC) is a part of QA, and consists of those actions and activities that permit the control of the individual steps in the environmental program. The distinction between the two terms is not always clearly defined, but a sharp division is not necessary. The essential principle of QA and QC is a commitment to high quality results. The essential components of a QA and QC program are a complete, written procedures manual for all parts of the environmental program, the use of standard or validated procedures, participation in applicable interlaboratory comparison or QA programs, replicate analysis and measurement, training of personnel, and a means of auditing or checking that the QA and QC programs are properly conducted. These components are discussed below in some detail.

New Brunswick Laboratory progress report, October 1989--September 1990

DOE Office of Scientific and Technical Information (OSTI.GOV)

Not Available

The New Brunswick Laboratory (NBL) has been tasked by the DOE Office of Safeguards and Security, Defense Programs (OSS/DP) to assure the application of accurate and reliable measurement technology for the safeguarding of special nuclear materials. NBL is fulfilling its mission responsibilities by identifying the measurement and measurement-related needs of the nuclear material safeguards community and addressing them by means of activities in the following program areas: (1) reference and calibration materials, (2) measurement development, (3) measurement services, (4) measurement evaluation, (5) safeguards assessment, and (6) site-specific assistance. Highlights of each of these program areas are provided in this summary.more » This progress report is written as a part of NBL's technology transfer responsibilities, primarily for the use and benefit of the scientific personnel that perform safeguards-related measurements. Consequently, the report is technical in nature. Many of the reports of multi-year projects are fragmentary in that only partial results are reported. Separate topical reports are to be issued at the completion of many of these projects. 30 refs.« less

Quality assurance and organizational effectiveness in hospitals.

PubMed Central

Hetherington, R W

1982-01-01

The purpose of this paper is to explore some aspects of a general theoretical model within which research on the organizational impacts of quality assurance programs in hospitals may be examined. Quality assurance is conceptualized as an organizational control mechanism, operating primarily through increased formalization of structures and specification of procedures. Organizational effectiveness is discussed from the perspective of the problem-solving theory of organizations, wherein effective organizations are those which maintain at least average performance in all four system problem areas simultaneously (goal-attainment, integration, adaptation and pattern-maintenance). It is proposed that through the realization of mutual benefits for both professionals and the bureaucracy, quality assurance programs can maximize such effective performance in hospitals. PMID:7096096

Technical Excellence and Communication: The Cornerstones for Successful Safety and Mission Assurance Programs

NASA Technical Reports Server (NTRS)

Malone, Roy W.; Livingston, John M.

2010-01-01

The paper describes the role of technical excellence and communication in the development and maintenance of safety and mission assurance programs. The Marshall Space Flight Center (MSFC) Safety and Mission Assurance (S&MA) organization is used to illustrate philosophies and techniques that strengthen safety and mission assurance efforts and that contribute to healthy and effective organizational cultures. The events and conditions leading to the development of the MSFC S&MA organization are reviewed. Historic issues and concerns are identified. The adverse effects of resource limitations and risk assessment roles are discussed. The structure and functions of the core safety, reliability, and quality assurance functions are presented. The current organization s mission and vision commitments serve as the starting points for the description of the current organization. The goals and objectives are presented that address the criticisms of the predecessor organizations. Additional improvements are presented that address the development of technical excellence and the steps taken to improve communication within the Center, with program customers, and with other Agency S&MA organizations.

Technical Excellence and Communication, the Cornerstones for Successful Safety and Mission Assurance Programs

NASA Astrophysics Data System (ADS)

Malone, Roy W.; Livingston, John M.

2010-09-01

The paper describes the role of technical excellence and communication in the development and maintenance of safety and mission assurance programs. The Marshall Space Flight Center(MSFC) Safety and Mission Assurance(S&MA) organization is used to illustrate philosophies and techniques that strengthen safety and mission assurance efforts and that contribute to healthy and effective organizational cultures. The events and conditions leading to the development of the MSFC S&MA organization are reviewed. Historic issues and concerns are identified. The adverse effects of resource limitations and risk assessment roles are discussed. The structure and functions of the core safety, reliability, and quality assurance functions are presented. The current organization’s mission and vision commitments serve as the starting points for the description of the current organization. The goals and objectives are presented that address the criticisms of the predecessor organizations. Additional improvements are presented that address the development of technical excellence and the steps taken to improve communication within the Center, with program customers, and with other Agency S&MA organizations.

41 CFR 101-4.115 - Assurance required.

Code of Federal Regulations, 2010 CFR

2010-07-01

... EDUCATION PROGRAMS OR ACTIVITIES RECEIVING FEDERAL FINANCIAL ASSISTANCE Introduction § 101-4.115 Assurance... 41 Public Contracts and Property Management 2 2010-07-01 2010-07-01 true Assurance required. 101-4.115 Section 101-4.115 Public Contracts and Property Management Federal Property Management Regulations...

42 CFR 441.464 - State assurances.

Code of Federal Regulations, 2011 CFR

2011-10-01

... Self-Directed Personal Assistance Services Program § 441.464 State assurances. A State must assure that... problems that might be associated with budget underutilization. (2) These safeguards may include the... that budget problems are identified on a timely basis so that corrective action may be taken, if...

40 CFR 75.21 - Quality assurance and quality control requirements.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 40 Protection of Environment 16 2010-07-01 2010-07-01 false Quality assurance and quality control... PROGRAMS (CONTINUED) CONTINUOUS EMISSION MONITORING Operation and Maintenance Requirements § 75.21 Quality assurance and quality control requirements. (a) Continuous emission monitoring systems. The owner or...

49 CFR 27.9 - Assurance required.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 49 Transportation 1 2010-10-01 2010-10-01 false Assurance required. 27.9 Section 27.9 Transportation Office of the Secretary of Transportation NONDISCRIMINATION ON THE BASIS OF DISABILITY IN PROGRAMS OR ACTIVITIES RECEIVING FEDERAL FINANCIAL ASSISTANCE General § 27.9 Assurance required. (a) General...

15 CFR 996.11 - Development of standards for a hydrographic product or class.

Code of Federal Regulations, 2010 CFR

2010-01-01

... COMMERCE QUALITY ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES QUALITY ASSURANCE AND CERTIFICATION REQUIREMENTS FOR NOAA HYDROGRAPHIC PRODUCTS AND SERVICES The Quality... adopt or reject the standard as the NOAA Quality Assurance Program Standard for the particular...

7 CFR 90.102 - Quality assurance review.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 7 Agriculture 3 2010-01-01 2010-01-01 false Quality assurance review. 90.102 Section 90.102 Agriculture Regulations of the Department of Agriculture (Continued) AGRICULTURAL MARKETING SERVICE (Standards, Inspections, Marketing Practices), DEPARTMENT OF AGRICULTURE (CONTINUED) COMMODITY LABORATORY TESTING PROGRAMS INTRODUCTION Quality Assurance §...

Location-assured, multifactor authentication on smartphones via LTE communication

NASA Astrophysics Data System (ADS)

Kuseler, Torben; Lami, Ihsan A.; Al-Assam, Hisham

2013-05-01

With the added security provided by LTE, geographical location has become an important factor for authentication to enhance the security of remote client authentication during mCommerce applications using Smartphones. Tight combination of geographical location with classic authentication factors like PINs/Biometrics in a real-time, remote verification scheme over the LTE layer connection assures the authenticator about the client itself (via PIN/biometric) as well as the client's current location, thus defines the important aspects of "who", "when", and "where" of the authentication attempt without eaves dropping or man on the middle attacks. To securely integrate location as an authentication factor into the remote authentication scheme, client's location must be verified independently, i.e. the authenticator should not solely rely on the location determined on and reported by the client's Smartphone. The latest wireless data communication technology for mobile phones (4G LTE, Long-Term Evolution), recently being rolled out in various networks, can be employed to enhance this location-factor requirement of independent location verification. LTE's Control Plane LBS provisions, when integrated with user-based authentication and independent source of localisation factors ensures secure efficient, continuous location tracking of the Smartphone. This feature can be performed during normal operation of the LTE-based communication between client and network operator resulting in the authenticator being able to verify the client's claimed location more securely and accurately. Trials and experiments show that such algorithm implementation is viable for nowadays Smartphone-based banking via LTE communication.

Network Centric Warfare Case Study: U.S. V Corps and 3rd Infantry Division (Mechanized) During Operation Iraqi Freedom Combat Operations (Mar-Apr 2003). Volume 3. Network Centric Warfare Insights

DTIC Science & Technology

2003-01-01

OPSEC), military deception, psychological operations (PSYOPS), special information operations (IO), information assurance, physical security...nonlethal effects, such as operational 8 Network Centric Warfare Case Study security (OPSEC), military deception, psychological operations (PSYOP...Support Operations Group ASR Alternate Supply Route; or, Ammunition Supply Rate ATACMS Army Tactical Missile System ATARS Advanced

Training, Quality Assurance Factors, and Tools Investigation: a Work Report and Suggestions on Software Quality Assurance

NASA Technical Reports Server (NTRS)

Lee, Pen-Nan

1991-01-01

Previously, several research tasks have been conducted, some observations were obtained, and several possible suggestions have been contemplated involving software quality assurance engineering at NASA Johnson. These research tasks are briefly described. Also, a brief discussion is given on the role of software quality assurance in software engineering along with some observations and suggestions. A brief discussion on a training program for software quality assurance engineers is provided. A list of assurance factors as well as quality factors are also included. Finally, a process model which can be used for searching and collecting software quality assurance tools is presented.

Assuring Quality in Large-Scale Online Course Development

ERIC Educational Resources Information Center

Parscal, Tina; Riemer, Deborah

2010-01-01

Student demand for online education requires colleges and universities to rapidly expand the number of courses and programs offered online while maintaining high quality. This paper outlines two universities respective processes to assure quality in large-scale online programs that integrate instructional design, eBook custom publishing, Quality…

10 CFR 72.176 - Audits.

Code of Federal Regulations, 2010 CFR

2010-01-01

... RADIOACTIVE WASTE, AND REACTOR-RELATED GREATER THAN CLASS C WASTE Quality Assurance § 72.176 Audits. The... assurance program and to determine the effectiveness of the program. The audits must be performed in... 10 Energy 2 2010-01-01 2010-01-01 false Audits. 72.176 Section 72.176 Energy NUCLEAR REGULATORY...

Quality Assurance in Gerontological and Geriatric Training Programs: The European Case

ERIC Educational Resources Information Center

Politynska, Barbara; van Rijsselt, Rene J. T.; Lewko, Jolanta; Philp, Ian; Figueiredo, Daniella; De Sousa, Lilliana

2012-01-01

Quality assurance (QA) in gerontological and geriatric education programs is regarded as essential to maintain standards, strengthen accountability, improve readability of qualifications, and facilitate professional mobility. In this article the authors present a summary of international developments in QA and elaborate four international trends,…

THE IMPORTANCE OF A SUCCESSFUL QUALITY ASSURANCE (QA) PROGRAM FROM A RESEARCH MANAGER'S PERSPECTIVE

EPA Science Inventory

The paper discusses the Air Pollution Prevention and Control Division's Quality Assurance (QA) program and the approaches used to meet QA requirements in the Division. The presentation is a technical manager's perspective of the Division's requirements for and approach to QA in i...

42 CFR 457.135 - Assurance of compliance with other provisions.

Code of Federal Regulations, 2010 CFR

2010-10-01

... HUMAN SERVICES (CONTINUED) STATE CHILDREN'S HEALTH INSURANCE PROGRAMS (SCHIPs) ALLOTMENTS AND GRANTS TO STATES Introduction; State Plans for Child Health Insurance Programs and Outreach Strategies § 457.135... 42 Public Health 4 2010-10-01 2010-10-01 false Assurance of compliance with other provisions. 457...