This subdirectory contains documentation that describes our practices as it relates to keeping the TDP system in compliance with security requirements for FISMA moderate systems (Note: see section 18 for definition) and other related federal system regulations.
The TANF Data Portal received its Authority to Operate (ATO) from the ACF Chief Information Officer on May 18, 2021. The ATO was extended on March 29, 2023 through May 24, 2024.
- Security Controls - Herein you will find information about TDP's security controls (security requirements laid out by the National Institute of Standards and Technology (NIST)), documented as part of the authority to operate (ATO) process in coordination with ACF's Office of the Chief Information Officer (OCIO).
- White House Cybersecurity Executive Order 14208 - includes information about the status of TANF Data Portal's compliance with White House Cybersecurity Executive Order 14208 issued on May 12, 2021.
- Boundary Diagram and Description - includes a visual and description of how TDP's system code is deployed as well as how the data flows through the system.
- Records Management - describes the security and compliance standards for TDP
- Secret Key Management - lays out TDP's standards for minimizing the risk of leaking secret keys (i.e. sensitive information that--if exposed--opens the door for unauthorized access to the system and/or data therein).
- Incidence Response - is a repository for all incident response (IR) protocols to be followed for TDP.
- TDP-to-TDRS File Fransfer - includes a visual and description of how files will be temporarily transferred from TDP to TDRS.