Computer Security Assessment Guidelines Updated

Wednesday, July 7, 2010 @ 02:07 PM gHale


There is now an updated set of guidelines for developing security assessment plans and associated security control assessment procedures consistent with the Federal Information Security Management Act (FISMA), said officials at the National Institute of Standards and Technology (NIST).


The revised Guide for Assessing Security Controls in Federal Information Systems and Organizations (NIST Special Publication 800-53A, Revision 1) reflects the third revision of Recommended Security Controls for Federal Information Systems and Organizations (NIST Special Publication 800-53, Revision 3), one of the principal documents for FISMA implementation.
Changes in the guide are part of a larger strategic initiative to focus on enterprise-wide, near real-time risk management.
The guideline includes security control assessment procedures for national security and non-national security systems and supports a variety of assessment activities in all phases of the system development lifecycle, including development, implementation and operation.
This new publication is the third in a series of special publications that NIST has produced with its partners in the Joint Task Force Transformation Initiative Working Group—the Office of the Director of National Intelligence (ODNI), the Department of Defense (DOD) and the Committee on National Security Systems (CNSS). The Joint Task Force’s goal is to develop a unified information security framework for the federal government and its contractors.


