Guidance For Assurance Manual [IAG-NAT-GFAM]
Section A
Article 1 - Overview
This document forms a set of the NIA Policy and has been written with the sole objective of providing guidance to the readers in being able to understand and implement the NIA Manual.
The document is focussed on providing an objective assessment and the expectations from the various controls specified in the NIA Manual.
The document shall be read along with the NIA manual as a reference and not independently.
Article 2 - Ownership & Maintenance
The manual is owned by Ministry of Transport and Communications, MOTC, and shall update the document as when deemed necessary.
Article 3 - References
[IAP-NAT-INFA] National Information Assurance Policy, 2014 [IAP-NAT -DCLS] National Information Classification Policy, 2014 [IAP-NAT-IAFW] Information Assurance Framework, 2008
[AES] NIST FIPS PUB 197 “Advanced Encryption Standard (AES),” November 2001.
[CC3.1] Common Criteria for Information Technology Security Evaluation (CC), Version 2.0 (2006)
[CWA14167-1] Security Requirements for Trustworthy Systems Managing Certificates for Electronic Signatures - Part 1: System Security Requirements, CEN Workshop Agreement, CWA 14167-1, June 2003