Committee on
National Security Systems

The CNSS consists of representation from 21 U.S. Government Executive Branch Departments and Agencies. In addition to the 21 Members, there are representatives serving as Observers from 14 additional organizations. The CNSS provides a forum for the discussion of policy issues; sets national policy; and promulgates direction, operational procedures, and guidance for the security of national security systems.

With its membership and participants alone, the CNSS crosses the three communities - Intelligence Community, Department of Defense, and the Civil Agencies. The CNSS is responsible for the protection of national security systems (NSS) that reside in these communities. Through the CNSS Committee, Subcommittee, Working Groups, and the CNSS Secretariat, the CNSS has fostered partnerships with the private sector, academia, other councils and communities, and our allies. The CNSS priorities and goals support the President's Comprehensive National Cybersecurity Initiative (CNCI) and focus on increasing the level of trust in NSS, protecting them from our adversaries, and making certain that mission essential functions can be performed in the increasingly hostile cyber environment. This work also is consistent with National Security Presidential Directive 54 and Homeland Security Presidential Directive 23. Members and Observers of the CNSS participate in other related Government working groups and represent the CNSS at workshops and conferences.

National security systems are information systems operated by the U.S. Government, its contractors, or agents that contain classified information or that:

• involve intelligence activities;
• involve cryptographic activities related to national security;
• involve command and control of military forces;
• involve equipment that is an integral part of a weapon or weapons system(s); or
• are critical to the direct fulfillment of military or intelligence missions (not including routine administrative and business applications).

The definition for a National Security System, along with other applicable terms used in the National Security Community, are found in CNSSI 4009, "Information Assurance Glossary"

The Executive Agent of the Government for national security systems is the Secretary of Defense. This designation was mandated by National Security Directive (NSD)-42, "National Policy for the Security of National Security Telecommunications and Information Systems", dated 5 July 1990. The Executive Agent is responsible for implementing, under his signature, various policies and procedures to increase the security of national security systems. His specific duties are listed in NSD-42.

The Director, National Security Agency (DIRNSA), is designated as the National Manager for National Security Systems. This designation was mandated by National Security Directive (NSD)-42, "National Policy for the Security of National Security Telecommunications and Information Systems", dated 5 July 1990. The DIRNSA is responsible to the Executive Agent for carrying out his responsibilities. The National Managers specific responsibilities are listed in NSD-42.

The CNSS Secretariat was formed by National Security Directive (NSD)-42, "National Policy for the Security of National Security Telecommunications and Information Systems", dated 5 July 1990. The Secretariat is composed primarily of personnel from the National Security Agency and may receive detailed personnel from the CNSS Membership as requested by the CNSS Chair. The CNSS Secretariat is the administrative arm of the CNSS. They are responsible for: (1) arranging the Committee, Subcommittee, and working group meetings; (2) establishing, facilitating, and participating in CNSS working groups; (3) maintaining the various CNSS issuances; (4) developing and facilitating the coordination process for CNSS issuances; (5) providing and monitoring contractor support to the CNSS; (6) tracking funding support to the CNSS; and (7) planning, scoping, and executing the annual CNSS Conference.

The original Members of the CNSS were identified in National Security Directive (NSD)-42, "National Policy for the Security of National Security Telecommunications and Information Systems", dated 5 July 1990. The Members are from the Executive Branch of the U.S. Federal Government. Membership into the CNSS must be approved by the CNSS Chair. CNSS Members are responsible for the development and issuance of CNSS policies, directives, instructions, and guidance to the National Security Community for the protection of national security systems. Currently, there are 21 Members.

Departments and Agencies outside of the U.S. Federal Executive Branch can request to be an Observer to the CNSS. Such requests must be approved by the CNSS Chair and Co-Chair. Observers are invited to participate in CNSS Working Groups and in the review of CNSS issuances. While Observers can provide input, they are not allowed to vote on the acceptance of any CNSS issuance. Currently, there are 14 Observers.

Contractors, who are supporting CNSS Member and Observer agencies, may participate in the CNSS working groups as the Member/Observer agency representative with prior approval from the Member or Observer. They may attend Subcommittee meetings, upon invitation.

Unclassified CNSS documents are available to the public and are posted on this site. For more information, contact cnss@nsa.gov.

Yes, despite the fact that many are dated in the 1980s. As CNSS documents are phased out or replaced, it is noted in the Index.

CNSS issuances are directed at those entities that own and/or are users of national security systems. The Heads of the Executive Departments and Agencies are responsible for ensuring that CNSS policies and directives are implemented within their departments or agencies. CNSS instructions provide guidance and technical criteria for specific IA issues. IA Advisory Memoranda or information memoranda address ad hoc issues of a general nature relating to National Security Systems issues. These advisories, as issued, are NOT binding upon U.S. Government departments and agencies. Contractors supporting the Executive Departments and Agencies are required to protect National Security Systems consistent with the CNSS requirements.

The Committee on National Security Systems (CNSS) mission is to set national-level Information Assurance policies, directives, instructions, operational procedures, guidance and advisories for United States Government (USG) departments and agencies for the security of National Security Systems (NSS). It provides a comprehensive forum for strategic planning and operational decision-making to protect NSS. The CNSS also approves the release of INFOSEC products and information to Foreign Governments.

The CNSS Committee and Subcommittee meet monthly. Working groups meet as needed. The CNSS Chair and Co-Chair may convene meetings as required.