New FISMA standard is out for comments
- By William Jackson
- Jul 22, 2005
The second of a series of Federal Information Processing Standards intended to guide agencies in complying with the Federal Information Security Management Act has been released for public comment.
Once minimum requirements for an IT system have been determined using FIPS-200, agencies will select the appropriate set of security controls from NIST Special Publication 800-53, Recommended Security Controls for Federal Information Systems.
The main body of SP 800-53 was finalized in February, but the National Institute of Standards and Technology recently released a draft addendum, SP 800-53A, titled Guide for Assessing the Security Controls in Federal Information Systems.
To read the FIPS-200 draft, go to www.gcn.com
and enter 463 in the GCN.com/box. To read SP 800-53A, enter 464 in the GCN.com/box.
William Jackson is a senior writer of GCN and the author of the CyberEye blog.