Information Technology Sector-Specific Plan: An Annex to the National Infrastructure Protection Plan  [open pdf - 1MB]
"During the past year, members of the Information Technology (IT) Government Coordinating Council (GCC) and the IT Sector Coordinating Council (SCC) collaborated to develop the 2010 IT Sector-Specific Plan (SSP). The IT SSP details the progress the IT Sector has made in its national-level risk management efforts, including the completion of the IT Sector Baseline Risk Assessment (ITSRA) in 2009, and discusses how it is using the results of that baseline analysis to inform the sector's critical infrastructure and key resources (CIKR) protective programs, research and development, and measurement activities. [...] Each year, the IT Sector CIKR Protection Annual Report provides updates on the sector's efforts to identify, prioritize, and coordinate the protection of its critical infrastructure. The Sector Annual Report describes the current priorities of the sector and the progress made during the past year in following the plans and strategies set out in the IT SSP."
Department of Homeland Security: http://www.dhs.gov