1. Federal Information Technology Security Assessment Framework. National Institute of Standards and Technology s Computer Security Division, System and Network Security Group. November 28, 2000 (www.cio.gov/archive/federal_it_security_assessment_framework.html).

2. Summary Report on Inspection of Allegations Relating to the Albuquerque Operations Office Security Survey Process and the Security Operations Self-Assessments at Los Alamos National Laboratory. United States Department of Energy. May 30, 2000. (www.fas.org/sgp/othergov/doeig_0471.html).

3. EPA s Computer Security Self-Assessment Process Needs Improvement. Report Number 2003-P-00017. United States Environmental Protection Agency. September 30, 2003 (www.epa.gov/oigearth/reports/2003/2003p00017-20030930.pdf ).

4. United States Computer Emergency Readiness Team (US-CERT) (http://www.us-cert.gov/).

5. Digital Signature Standard (DSS). FIPS Publication 186-2. United States Department of Commerce/National Institute of Standards and Technology. January 27, 2000 (http://csrc.nist.gov/publications/fips/fips186-2/fips186-2-change1.pdf ).

6. Security Requirements for Cryptographic Modules. FIPS Publication 140-2. Updated December 3, 2002. National Institute of Standards and Technology s Computer Security Division (http://csrc.nist.gov/cryptval/140-2.htm).