Committee on National Security Systems

The Committee dates its establishment back to 1953, under the name of U.S. Communications Security Board (USCSB).^[3]

Under the name National Security Telecommunications and Information Systems Security Committee (NSTISSC) the committee was established by the National Security Directive 42 (NSD42), "National Policy for the Security of National Security Telecommunications and Information Systems", dated 5 July 1990. On October 16, 2001, President George W. Bush signed Executive Order 13231, the Critical Infrastructure Protection in the Information Age, re-designating NSTISSC as the Committee on National Security Systems.^[3]

On June 12, 2026, President Donald Trump signed National Security Presidential Memorandum 12. This rescinded NSD42 and National Security Memorandum 8, and rebuilt the board with fewer voting members and more enforcement authority. ^[4]

The CNSS holds discussions of policy issues, sets national policy, directions, operational procedures, and guidance of National Security Systems, the information systems operated by the U.S. Government, its contractors or agents that either contain classified information, involve intelligence activities, involve cryptographic activities related to national security, involve command and control of military forces, involve equipment that is an integral part of a weapon or weapons system(s) or are critical to the direct fulfillment of military or intelligence missions.^[5]

Following the issuance of National Security Presidential Memorandum 12, the board was centralized, with the committee becoming chaired by a member of the United States National Security Council. There are 4 voting members: ^[6]

• the United States Secretary of War, acting through the DOW Chief Information Officer (CIO);
• the Director of National Intelligence (DNI), acting through the IC CIO;
• the Director of the Office of Management and Budget (OMB), acting through the Federal CIO;
• the Director of the National Security Agency as National Manager, acting through the Deputy National Manager.

Older members of the board still have seats as advisors, but cannot vote:^[7]

• the Attorney general;
• the United States Secretary of Commerce;
• the Director of the Central Intelligence Agency (CIA);
• the United States National Security Advisor;
• the Assistant to the President for Science and Technology;
• the United States National Cyber Director;
• the Chairman of the Joint Chiefs of Staff;
• the Director of the Cybersecurity and Infrastructure Security Agency (CISA)

The operating agency for CNSS is the National Security Agency, which serves as the focal point for cryptography, telecommunications systems security, and information systems security for NSS. ^[8]

The CNSS defines several standards, which include standards on training in IT security. Current certifications include:^[9]

• NSTISSI-4015 National Training Standard for Systems Certifiers^{[citation needed]}
• CNSSI-4016 National Information Assurance Training Standard For Risk Analysts
• CNSSI-4014 Information Assurance Training Standard for Information Systems Security Officers
• NSTISSI-4011 National Training Standard for Information Systems Security (INFOSEC) Professionals
• CNSSI-4012 National Information Assurance Training Standard for Senior Systems Managers
• CNSSI-4013 National Information Assurance Training Standard For System Administrators

CNSS launched the National Information Assurance Certification and Accreditation Process (NIACAP) in 2000^[10] (was cancelled in 2012).

• Computer Security Institute

• Metheny, M. (2017). "Committee on National Security Systems (CNSS)". Federal Cloud Computing: The Definitive Guide for Cloud Service Providers. Elsevier Science. pp. 218–219. ISBN 978-0-12-809687-1. Retrieved August 28, 2024.
• Schou, C. (2003). Standards, Standards, Standards, Who has the Standards? (PDF). 4th Australian Information Warfare and IT Security Conference – Enhancing Trust. Adelaide, Australia: University of South Australia.

• Official Website