The Clinger-Cohen Act, The Information Technology (IT) Management Reform Act of 1996
http://irm.cit.nih.gov/policy/itmra.html
Information Technology Policy Documents – Federal government-wide policy or guidance
http://policyworks.gov/policydocs/policy_list.htm
Computer Security Act of 1987 (PL 100-235)
http://policyworks.gov/policydocs/4.pdf
OMB Circular A-130, Transmittal Memorandum #4, dated 11/28/00
Management of Federal Information Resources
http://www.whitehouse.gov/omb/circulars/a130/a130trans4.html
Government Performance and Results Act (GPRA), OPM
Section 508
http://www.geocities.com/Colosseum/Base/3833/working/section508.html
National Institute of Standards and Technology (NIST), U.S. Department of Commerce
An Introduction to Computer Security: The NIST Handbook
http://csrc.nist.gov/publications/nistpubs/800-12/handbook.pdf
Special Publications – Computer Security Resource Center
http://csrc.nist.gov/publications/nistpubs/index.html
Federal Agency Security Practices (FASP)
http://csrc.nist.gov/fasp/ (home)
http://csrc.nist.gov/fasp/jump.html (examples)
Federal Information Processing Standards Publications (FIPS PUB)
http://www.itl.nist.gov/div897/pubs/
FIPS PUB 73: Guidelines for Security of Computer Applications
http://csrc.nist.gov/publications/fips/fips73/fips73.PDF
FIPS PUB 87: Guidelines for ADP Contingency Planning
http://csrc.nist.gov/publications/fips/fips87/fips87.pdf
Inter-Agency Electronic Grants Committee (IAEGC)
Grant Data Dictionary Policy and Procedures
http://www.iaegc.gov/IAEGCstuff/GrantDataDictionary/IAEGC_GDDpolicy.htm
Department of Health and Human Services (DHHS)
DHHS Automated Information Systems Security Program Handbook
http://wwwoirm.nih.gov/policy/aissp.html
HRSA Information Security Office
http://intranet.hrsa.gov/oit/secur_ofc.htm (includes software licensing policy information)
HRSA IT Security Awareness Course
http://158.72.80.241/hrsanet/security/
HRSA Computer System Users Agreement
http://intranet.hrsa.gov/oit/certuser.htm
National Institutes of Health, Center for Information Technology, Bethesda, MD
http://www.alw.nih.gov/Security/Docs/passwd.html (Selecting Good Passwords)
U.S. Department of Housing and Urban Development
System Development Methodology
http://www.hud.gov/offices/cio/sdm/index.cfm
Project Leader Help Guide
http://www.hud.gov/utilities/intercept.cfm?/offices/cio/sdm/pl_help_guide.pdf
Defense Finance and Accounting Service
http://www.dfas.mil/library/pmtools/ (program manager tools)
http://www.dfas.mil/technology/pal/ssps/doc-stds/lc-doc-stds.htm (Life Cycle/SDS Documentation Standards)
Department of Energy (DOE), Office of the Chief Information Officer
Software Quality & Systems Engineering
http://cio.doe.gov/sqse/template.htm (document templates)
http://cio.doe.gov/sqse/download/maintmp.doc (Maintenance Plan)
SPAWAR Systems Center
http://sepo.spawar.navy.mil/sepo/index2.html (SW Engineering Program Office (SEPO))
http://sepo.spawar.navy.mil/sepo/Standards.html (document templates/software standards)
http://sepo.spawar.navy.mil/sepo/execgdbk.doc (SEM Guidebook)
The Department of Justice
Systems Development Life Cycle Guidance Document, March 2000
http://www.usdoj.gov/jmd/irm/lifecycle/table.htm
http://www.usdoj.gov/jmd/irm/lifecycle/apdxc21.htm (Maintenance Manual)
http://www.usdoj.gov/jmd/irm/lifecycle/apdxc22.htm (Operations Manual)
http://www.usdoj.gov/jmd/irm/lifecycle/apdxc23.htm (Systems Administration Manual)
http://www.usdoj.gov/jmd/irm/lifecycle/apdxc25.htm (User Manual)
Telecommunications And Automated Information Systems Security
http://www.usdoj.gov/jmd/dojorders/doj2640-2c.htm
Software Engineering Institute (SEI)
http://www.sei.cmu.edu/publications/documents/doc.list/2000.htm
Applicability of General Scenarios to the Architecture Tradeoff Analysis
http://www.sei.cmu.edu/publications/documents/01.reports/01tr014.html
Military SW Standards
http://members.home.net/kolacki/critical_standards.htm
A High Level Implementation of an Information Security Assurance (ISA) Process for Security Certification of Business Sensitive and Critical Systems
http://www.sans.org/infosecFAQ/policy/ISA.htm
Software Process Improvement and Capability dEtermination (SPICE; see also ISO 15504)
http://www.sqi.gu.edu.au/spice/
DoD Software Information Clearinghouse
IEEE Standards
Army metrics newsletter "Insight"
http://www.armysoftwaremetrics.org/insight.htm
COCOMO Project Estimation Model
http://sunset.usc.edu/research/COCOMOII/index.html
The Electronic College of Process Innovation
http://www.c3i.osd.mil/bpr/bprcd/index.htm
The Best Practices Forum on Independent Program Assessments
http://www.mitre.org/resources/centers/sepo/acquisition/Pgm-Assess-Summ.shtml
What Every CIO Needs to Know about Metadata, February 1999
(Architecture Working Group/ Enterprise Interoperability Committee)
http://www.cio.gov/Documents/metadata%5Fcio%5Fknowledge%5FFeb%5F1999%2Ehtml
Project Management Institute (PMI)
General Accounting Office (GAO) reports
http://www.gao.gov/reports.htm
National Committee for Quality Assurance (NCQA)
http://www.ncqa.org (process standard for HMO's)
National Computing Centre (NCC)
Joint Commission on Accreditation of Healthcare Organizations (JCAHO)
Condensation of the 14 Points for Management by W. Edwards Deming
http://www-caes.mit.edu/products/deming/1-points.html
How To Write Unmaintainable Code
http://www.informatik.uni-ulm.de/pm/mitarbeiter/mark/unmaintainable.html