New FISMA standard is out for comments

The second of a series of Federal Information Processing Standards intended to guide agencies in complying with the Federal Information Security Management Act has been released for public comment.

Once minimum requirements for an IT system have been determined using FIPS-200, agencies will select the appropriate set of security controls from NIST Special Publication 800-53, Recommended Security Controls for Federal Information Systems.

The main body of SP 800-53 was finalized in February, but the National Institute of Standards and Technology recently released a draft addendum, SP 800-53A, titled Guide for Assessing the Security Controls in Federal Information Systems.

To read the FIPS-200 draft, go to www.gcn.com and enter 463 in the GCN.com/box. To read SP 800-53A, enter 464 in the GCN.com/box.

About the Author

William Jackson is freelance writer and the author of the CyberEye blog.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above