This guideline contains information derived from the requirements of the TCSEC prefaced by the word "shall", and recommendations derived from good practices prefaced by the word "should" when conducting trusted facility management. The recommendations in this document are also not to be construed as supplementary requirements to the TCSEC. The TCSEC is the only metric against which systems are to be evaluated. Throughout this guideline there will be examples, illustrations, or citations of administrative roles and operations that have been used in trusted facility management. The use of these examples, illustrations, and citations does not mean that they contain the only acceptable procedures, methods, or processes. The selection of these examples is based solely on their availability in the computer security literature. Examples in this document are not to be construed as the only implementations that will satisfy the TCSEC requirements or intended to single out any particular operating system to highlight weaknesses and shortfalls, but merely to provide clarification. The examples are suggestions of appropriate implementations.