scope:

This order applies to all AVR employees, contractors, subcontractors, and users of AVR information systems and assets that support the AVR mission. This order covers all information assets used or owned by AVR organizations; all AVR information stored, processed, disseminated, or transmitted using FAA information systems, all information systems funded or managed by AVR, including prototypes, tests, experiments, or developmental systems, and all AVR or non-AVR facilities where these information systems are developed, housed, managed, or operated.

PURPOSE. This order implements security policy defined in Order 1370.82, FAA Information Systems Security Program, and establishes minimum requirements for Information System Security (ISS) Protection to be implemented in the Regulation and Certification (AVR) line of business (LOB). The order defines acceptable practices and procedures for ensuring adequate protection of the AVR information systems.