32 C.F.R. § 2400.45 Information Security Program Review.
Title 32 - National Defense
(a) The Director, OSTP, shall require an annual formal review of the OSTP Information Security Program to ensure compliance with the provisions of Executive Order 12356 and Directive No. 1, and this regulation. (b) The review shall be conducted by a group of three to five persons appointed by the Director and chaired by the Executive Director. The Security Officer will provide any records and assistance required to facilitate the review. (c) The findings and recommendations of the review will be provided to the Director for his determination.
Title 32: National Defense
PART 2400—REGULATIONS TO IMPLEMENT E.O. 12356; OFFICE OF SCIENCE AND TECHNOLOGY POLICY INFORMATION SECURITY PROGRAM
Subpart H—Office of Science and Technology Policy Information Security Program Management
§ 2400.45 Information Security Program Review.