Report a Safety Concern
Search

The U.S. Nuclear Regulatory Commission is in the process of rescinding or revising guidance and policies posted on this webpage in accordance with Executive Order 14151 Ending Radical and Wasteful Government DEI Programs and Preferencing, and Executive Order 14168 Defending Women From Gender Ideology Extremism and Restoring Biological Truth to the Federal Government. In the interim, any previously issued diversity, equity, inclusion, or gender-related guidance on this webpage should be considered rescinded that is inconsistent with these Executive Orders.

Home Nuclear Security Authorizing Official Program

Authorizing Official Program Guidance Documents

Unless otherwise noted, the most recent version of each document available 180 days prior to submission should be utilized.
  • Determine if the system is or will be a National Security System (NSS)
    • National Institute of Standards & Technology (NIST) Special Publication (SP) 800-59, “Guideline for Identifying an Information System as a National Security System”
      • “National Security System Identification Checklist” Appendix A
  • Risk Assessment
    • NIST SP 800-30, “Guide for Conducting Risk Assessments”
  • Security Categorization
    • NIST Federal Information Processing Standards (FIPS) Publication (PUB) 199 “Standards for Security Categorization of Federal Information and Information Systems”
    • NIST FIPS PUB 200 “Minimum Security Requirements for Federal Information and Information Systems”
  • Information System Security Plan
    • NIST SP 800-18, “Guide for Developing Security Plans for Federal Information Systems”
    • NIST SP 800-37, “Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy”
    • NIST SP 800-39, “Managing Information Security Risk”
    • NIST SP 800-53, “Security and Privacy Controls for Information Systems and Organizations”
    • NIST SP 800-53B, “Control Baselines for Information Systems and Organizations”
    • CNSS Policy (CNSSP) No. 18, “National Policy for Classified Information Spillage”
    • Committee on National Security Systems Instruction (CNSSI) No. 1253, “Security Categorization and Control Selection for National Security Systems”
    • CNSSI No. 1253E Attachment 5, “Classified Systems Overlay”

Page Last Reviewed/Updated Monday, August 4, 2025