NIST posts final draft of FISMA guidance

The final public draft of a framework for creating the security assessments mandated by the Federal Information Security Management Act is available for download from the National Institute of Standards and Technology (GCN.com/892).

NIST released the Draft Special Publication 800-53A, 'Guide for Assessing the Security Controls in Federal Information Systems,' last month and expects to publish the final edition in March.

SP 800-53A is an addendum to NIST SP 800-53, 'Recommended Security Controls for Federal Information Systems.' This addendum establishes a framework for assessing security controls. Both publications are extensions of Federal Information Processing Standard 200, the core document NIST produced to help agencies with FISMA.

This draft incorporates comments from the previous public drafts. Changes include updated assessment procedures, clarification of some chapters and a new set of assessment cases.

The agency is seeking comments until Jan. 31.

NIST expects this document to be relevant for agency security professionals working as consultants, operational managers, program managers and product developers.

About the Authors

Joab Jackson is the senior technology editor for Government Computer News.

William Jackson is a Maryland-based freelance writer.

Featured

  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/Shutterstock.com)

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected