NIST releases new FISMA guidance

NIST releases new FISMA guidance

The National Institute of Standards and Technology has released further draft guidance to help agencies meet the requirements of the Federal Information Security Management Act of 2002.

NIST Special Publication 800-60, Guide for Mapping Types of Information and Information Systems to Security Categories, shows agencies how to assign the security ratings to their information and systems. To view it online, click guide.

The new guide is a follow-up to Federal Information Processing Standard 199, which established basic ratings for assessing security risks of information and systems. To access it online, click FIPS 199.

Publication 800-60 details how to apply the 199 standard's basic ratings to an agency's specific lines of business, as defined by the Office of Management and Budget's Business Reference Model. The reference model is a framework describing government functions and mechanisms.

NIST is providing multiple guides to help agencies meet FISMA requirements. Last month, the agency released a draft of Special Publication 800-53, which outlined minimum security controls required for government systems [see GCN story].

The agency will accept comments on the latest special publication draft until Feb. 20. NIST will hold a workshop on the guidance Feb. 26 and 27.

About the Author

Joab Jackson is the senior technology editor for Government Computer News.


  • business meeting (Monkey Business Images/

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected