§ 3552. Definitions
487 words·~2 min read·
/usc/title-44/section-3552A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
(a)In General.— Except as provided under subsection (b), the definitions under section 3502 shall apply to this subchapter.
(b)Additional Definitions.— As used in this subchapter:
(1)The term “binding operational directive” means a compulsory direction to an agency that—
(A)is for purposes of safeguarding Federal information and information systems from a known or reasonably suspected information security threat, vulnerability, or risk;
(B)shall be in accordance with policies, principles, standards, and guidelines issued by the Director; and
(C)may be revised or repealed by the Director if the direction issued on behalf of the Director is not in accordance with policies and principles developed by the Director.
(2)The term “incident” means an occurrence that—
(A)actually or imminently jeopardizes, without lawful authority, the integrity, confidentiality, or availability of information or an information system; or
(B)constitutes a violation or imminent threat of violation of law, security policies, security procedures, or acceptable use policies.
(3)The term “information security” means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide—
(A)integrity, which means guarding against improper information modification or destruction, and includes ensuring information nonrepudiation and authenticity;
(B)confidentiality, which means preserving authorized restrictions on access and disclosure, including means for protecting personal privacy and proprietary information; and
(C)availability, which means ensuring timely and reliable access to and use of information.
(4)The term “information technology” has the meaning given that term in section 11101 of title 40.
(5)The term “intelligence community” has the meaning given that term in section 3(4) of the National Security Act of 1947 (50 U.S.C. 3003(4)).
(A)The term “national security system” means any information system (including any telecommunications system) used or operated by an agency or by a contractor of an agency, or other organization on behalf of an agency—
(i)the function, operation, or use of which—
(I)involves intelligence activities;
(II)involves cryptologic activities related to national security;
(III)involves command and control of military forces;
(IV)involves equipment that is an integral part of a weapon or weapons system; or
(V)subject to subparagraph (B), is critical to the direct fulfillment of military or intelligence missions; or
(ii)is protected at all times by procedures established for information that have been specifically authorized under criteria established by an Executive order or an Act of Congress to be kept classified in the interest of national defense or foreign policy.
(B)Subparagraph (A)(i)(V) does not include a system that is to be used for routine administrative and business applications (including payroll, finance, logistics, and personnel management applications).
(7)The term “Secretary” means the Secretary of Homeland Security.
(Added Pub. L. 113–283, § 2(a), Dec. 18, 2014, 128 Stat. 3074.)
Connections64 cite this · traces to 3
Cited by 64 sections · top 48
U.S. Code
- § 3501Purposes
- § 101Definitions and declaration of policy
- § 2224Defense Information Assurance Program
- § 3601Definitions
- § 2222Defense business systems: business process reengineering; enterprise architecture; management
- § 11301Responsibility of Director
- § 639Reporting requirements and agency cooperation
- § 2223Information technology: additional responsibilities of Chief Information Officers
- § 3551Purposes
- § 11331Responsibilities for Federal information systems standards
- § 5527Miscellaneous provisions
- § 11302Capital planning and investment control
- § 1500National Cyber Director
- § 3602Director of the Agency and Director of Compliance
- § 1526Inventory of cryptographic systems; migration to post-quantum cryptography
- § 3100Intelligence community business system transformation
- § 1321Definitions
- § 3334mAdditional responsibilities of Director of National Intelligence for artificial intelligence policies, standards, and guidance for the intelligence community
- § 3557National security systems
- § 3068Inapplicability of certain laws
- § 3334eEnhanced procurement authority to manage supply chain risk
- § 677aDefinitions
- § 3252Requirements for information relating to supply chain risk
- § 6327Enhanced procurement authority to manage supply chain risk
public-private-law
register
- Notices
- Notices
- Presidential Documents
- Rules and RegulationsProposed rule
- NoticesInterim final rule with request for comments
- NoticesFinal rule; request for comments
- Presidential Documents
- NoticesProposed rule
- Rules and RegulationsFinal rule
- Rules and RegulationsProposed rule
- NoticesNotice of availability; request for comments
- NoticesIssuance of binding operational directive; procedures for responses; notice of availability
- NoticesProposed rule
- Rules and Regulations
- Rules and RegulationsInterim rule
- NoticesFinal rule
- Rules and Regulations60-Day notice and request for comments
- Proposed Rules
- NoticesIssuance of a binding operational directive; notice of availability
- NoticesProposed rule
- Notices30-day notice and request for comment; new information collection request
- Notices30-Day notice and request for comments
Traces to 3 documents
U.S. Code
public-private-law
1 reference not yet in our index
- 128 Stat. 3074
Citation graph
cites case law
§ 3552
Definitions
U.S.C.×32
Fed. Reg.×30
C.F.R.×1
Pub. L.×1
Stat.128 Stat. 3074
Cites 4Cited by 64 across 4 sources