The document source is:

http://www.dss.mil/isec/nispom.htm

The reference is to Chapter 8 of the National Industrial Security Program 
(NISPOM). Contractors, that handle classified data, must comply with NISPOM.

On Thursday 15 April 2004 07:48 pm, Conrad T. Pino wrote:
> > From: Bob Nestor [mailto:rnestor@augustmail.com]
> >
> > On Apr 15, 2004, at 2:59 PM, Conrad T. Pino wrote:
> > > It this the Chapter 8 you're referring to:
> > > http://www.fas.org/sgp/library/nispom/change_ch8.htm
> >
> > I'm not positive since Security hasn't offered the document to me, but
> > this one looks like it matches the questions they're hitting me with.
> > They have given me some documentation on how to deal with this on
> > Solaris and IRIX and they claim to have a document for Linux, but
> > nothing on NetBSD.
>
> http://www.google.com/search?num=100&q=%22Chapter+8%22+%22Information+Syste
>m+Security%22
>
> This Google query gets interesting results.  Top site is Federation
> of American Scientists (FAS) and next 2 are militry sites.  Second
> site is PDF file that says it a military standard:
>
> DoD 5220.22-M, May 1, 2000 Second Amendment (Change 2, 5/1/2000)
>
> The document isn't very technical and reads like a contract.
> I think you need a lawyer with a Computer Science degree.
>
> Good luck.

-- 

John R. Shannon
john@johnrshannon.com