Title: Theory of Compliance (TOC)
Number: DI-ADMN-81599 Approval Date: 5 February 2001
AMSC Number: G7418 Limitation: N/A
DTIC Applicable: N/A GIDEP Applicable: No
Office of Primary Responsibility: G-X31
Applicable Forms: None
The TOC shall provide detailed design information about system security-critical functions. The
TOC shall describe the actual implementation of each security-critical function and identify how
each system security requirement is satisfied by specific system design details. The TOC shall
answer two basic questions about the system design: 1) How have security-critical functions been
implemented? and 2) How is each individual security requirement satisfied?
1. General. The TOC shall answer the "how" questions associated with the system critical design.
The TOC shall describe each system design feature in enough detail to allow a reader to make
decisions about the adequacy of the implementation in satisfying the system security requirements.
The general approach and identification of security-critical functions shall have been previously
documented in the TEO. The TOC shall be written so that a reader can trace the implementation
of system security-critical functions described in the TOC back to the TEO.
2. Format. The TOC shall be in the contractor's format unless specified otherwise in the SOW.
3. Page Size. Each finished page shall be on 8 1/2 x 11 paper (metric size A4).
Drawing and illustration fold-outs shall be kept to a minimum; when used, they shall not exceed
the 8 1/2 x 11 limits when folded. Photo-reduction of oversized pages is preferred, provided such
reductions are easily readable and reproducible.
4. Binding. The TOC shall be bound in such a manner that pages can be removed without
damage or mutilation.
5. Changes and Revisions. Changes and revisions to the TOC shall be made in accordance with
the requirements of MIL-STD-961D (1).
