New FISMA standard is out for comments

The second of a series of Federal Information Processing Standards intended to guide agencies in complying with the Federal Information Security Management Act has been released for public comment.

Once minimum requirements for an IT system have been determined using FIPS-200, agencies will select the appropriate set of security controls from NIST Special Publication 800-53, Recommended Security Controls for Federal Information Systems.

The main body of SP 800-53 was finalized in February, but the National Institute of Standards and Technology recently released a draft addendum, SP 800-53A, titled Guide for Assessing the Security Controls in Federal Information Systems.

To read the FIPS-200 draft, go to and enter 463 in the To read SP 800-53A, enter 464 in the

About the Author

William Jackson is a Maryland-based freelance writer.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.