Site Security Policy Handbook Working Group (SSPHWG) Co-Chairs: Paul Holbrook/CERT ph@CERT.SEI.CMU.EDU Joyce K. Reynolds/USC-ISI jkrey@ISI.EDU Mailing lists: General discussion: ssphwg@cert.sei.cmu.edu To subscribe: ssphwg-request@cert.sei.cmu.edu Description of Working Group: The Site Security Policy Handbook Working Group is chartered to create a handbook that will help sites develop their own site-specific policies and procedures to deal with computer security problems and their prevention. Objectives: Among the issues to be considered in this group are: 1) Establishing official site policy on computer security. 2) Establishing procedures to prevent security problems. 3) Establishing procedures to use when unauthorized activity occurs. 4) Establishing post-incident procedures. A specific schedule of activities will be worked out in the near future. This group will meet at the next IETF meeting, in Pittsburgh. The formation of this group provided an excellent opportunity for cooperation between areas within the new IESG structure. The User Services director (Craig Partridge) and the Security Area director (Steve Crocker) joined together to support the formation of this working group. After some discussion, it was agreed to place administrative responsibility for this group within the security area, but the work will be reported to and reviewed by both areas in parallel.