DATA PROCESSING FACILITIES MAY BE EXPOSED TO VARIOUS RISKS AND HAZARDS IN THE COURSE OF DAILY OPERATIONS. AMONG THESE ARE THREATS TO DATA SUCH AS DISCLOSURE, MODIFICATION, OR DESTRUCTION, AND THREATS TO THE PHYSICAL INSTALLATION SUCH AS FIRE, LOSS OF POWER, OR MALICIOUS DAMAGE OR DESTRUCTION. SOME OF THE GUIDELINES INCLUDE HOW TO PLAN A VITAL RECORDS PROGRAM, A DETAILED SUMMARY OF COMPUTER ROOM PROCEDURES, AND A CASE STUDY OF THE SECURITY CONSIDERATIONS INCORPORATED INTO AN ADVANCED COMPUTER SYSTEM. SECURITY PROBLEMS AND SOLUTIONS OBVIOUSLY VARY IN DIFFERENT SITUATIONS AND AT DIFFERENT TIMES, SO THERE CAN BE NO SET, STRICT, PROCEDURAL MANUAL FOR DEALING WITH ALL POSSIBLE CONTINGENCIES WHICH MIGHT ARISE. THIS PUBLICATION, HOWEVER, EMPHASIZES SOME OF THE MORE IMPORTANT ELEMENTS WHICH SHOULD BE TAKEN INTO CONSIDERATION BY THOSE INVOLVED IN THE DESIGN OF A COMPUTER FACILITY SECURITY SYSTEM. (SNI ABSTRACT)