Report No. 03-25
July 2003
Office of the Inspector General
Appendix VII
APPLICATION CONTROL CRITERIA
- The GAO's Federal Information System Controls Audit Manual.
- Department of Justice Order 2640.2D, Information Technology Security, Chapter 2, "Security Requirements."
- OMB Circular A-130, Appendix III, Section A 3.b.2.
- National Institute of Standards and Technology, Special Publication 800-18.
- National Institute of Standards and Technology, Federal Information Processing Standards Publication 73, Section 3.1.1.
- Office of the Inspector General Audit report number 03-13 "Independent Evaluation Pursuant to the Government Information Security Reform Act," fiscal year 2002, The Justice Consolidated Network.
- The BOP's Standard Operating Procedures.
- The BOP's SENTRY Contingency Plan.
- The BOP's Information Technology Investment Report.
- The BOP's Community Corrections Management Operations Procedures (PS 5100.07).
- The BOP's SENTRY "General Use Manual."
- The BOP's "SENTRY System Security Guide," dated June 23, 2000.
- The BOP's "SENTRY System Security Plan," dated February 25, 2000.
- The BOP's Security Evaluation Report.
- The BOP's Policy Standard 1237.12.