Generally Accepted Principles -- Information Security

4. Develop generally accepted principles and practices for information
security.

NIST, in coordination with OMB and with technical assistance from NSA,
should plan and coordinate the development of generally accepted
principles and practices for information security which are to be
applied in the use, protection, and design of government information and
data systems, particularly front-line systems for electronically
delivering service to citizens. Draft guidance should be issued by
September 1994.  More than one set of generally accepted principles and
practices may be required for the affected communities.