scope:

PURPOSE. The purpose of this Directive is to ensure the implementation of a MSFC Information Technology (IT) security program that meets minimum Federal and Agency requirements and adequately protects the MSFC IT investment, while supporting the enterprise, program, and project activities of the Center. These policies are consistent with NASA Policy Directive (NPD) 2810.1, and NASA Procedures and Guidelines (NPG) 2810.1, "Security of Information Technology," to require that all information stored, transmitted, or processed within NASA networks be safeguarded consistent with the level of risk and potential for impact to Agency missions that may result from loss, alteration, unavailability, or misuse of the information.

APPLICABILITY. This Marshall Policy Directive (MPD) applies to all employees, MSFC contractor employees, to the extent of the in-force contract or grant, in achieving MSFC missions, programs, projects, and institutional requirements. The directive addresses all MSFC IT resources, including all networks, systems, services; applications connected to the MSFC IT network infrastructure; and all MSFC IT resources outsourced to: (1) another Center; (2) another Government Agency; or (3) a commercial facility.