It's not the end all but it was a nice start to organizational security. Just had to... de-bureaucratize it into something a person could comprehend lol. Then worked from there based on expert writings in each subfield, spy vs spy literature, and what worked for organized crime dodging LEO's. And that's how one learns real security. :)
Yep. That's why they add "Unacknowledged" and "Waived [from extra reporting]" in front of SAP for those that are. I usually only call USAP's, esp waived, black programs in my usage. Seems most accurate, eh?
http://www.dss.mil/documents/odaa/nispom2006-5220.pdf
It's not the end all but it was a nice start to organizational security. Just had to... de-bureaucratize it into something a person could comprehend lol. Then worked from there based on expert writings in each subfield, spy vs spy literature, and what worked for organized crime dodging LEO's. And that's how one learns real security. :)