NIH | National Cancer Institute | NCI Wiki  

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Email the NCI ISSO (link sends email). to obtain written approval to scan your website(s) Be sure to specify what sites and URLs you wish to have scanned in order to avoid any ambiguity. You should specify the highest level URL that contains all of the sub-pages that need to be scanned. For instance, specify if you wish to scan an entire site such as newsite.nci.nih.gov, or only a sub-site such as newsite.nci.nih.gov/systemX.
  2. Once you have received written approval from the NCI ISSO, send an email to: IRT@nih.gov (link sends email) and include a completed copy of the AppScan request form to request the scan. Note: This request form is available only inside the NIH firewall. If you do not have intranet access please email the NCI Security Team for help setting up an external request by emailing NCI ISSO (link sends email).
  3. Once IRT has both the NCI ISSO and your organization’s written approvals, they will schedule and provide a 24 hour notice of the scan to the designated point of contact from your organization. Your organization’s designated security official or project manager must give written authorization (in addition to the NCI ISSO’s permission obtained previously) for IRT to remotely scan your application before they proceed.

...