NIST issuing final draft of IT security controls

scan pc for spyware or adware free

NIST issuing final draft of IT security controls

National Institute of Standards and Technology released the 
final public draft of recommended security controls for federal 
systems, a fine-tuned version of a document that will become a 
mandatory Federal Information Processing Standard by the end of the 
year. 

The agency's IT Laboratory says this third version of Special
Publication 800-53 [1] contains modest changes based on more than 400
responses to earlier releases. It is one of seven NIST publications
being produced as required by the Federal Information Security
Management Act.

NIST released the initial draft in November 2003 and the second last
September. Comments on the current draft can be e-mailed [2] to the
agency's Computer Security Division until Feb. 11.

The agency expects a final version to get Commerce Department approval 
by the end of February. 

"SP 800-53 has special significance in that the security controls 
contained in the recommended baselines will form the basis for those 
controls that will become mandatory in December 2005," NIST said in 
releasing the publication. "At that time, FIPS 200, Minimum Security 
Controls for Federal Information Systems, will take effect and be 
applicable to all federal information systems other than national 
security systems."

The controls include management, operational and technical safeguards, 
and countermeasures that ensure the confidentiality, integrity and 
availability of government systems. They create baseline 
configurations for low, moderate and high risk systems. 

Changes in the current draft include: 

* The class designations management, operational and technical have 
  been reinstated to more closely conform to the existing organization 
  of agencies. security programs. 

* Guidance has been enhanced for evaluating public access systems and 
  addressing scalability, with expanded risk-based considerations to 
  provide more flexibility in establishing appropriate controls. 

* The concept of compensating security controls has been added to 
  allow for equivalent or comparable controls not included in the 
  publication. 

* The low baseline security controls have been adjusted to reduce the 
  minimum controls for low-impact systems. 

* A new set of application-level security controls has been added.



Internet Security News Home

 

WorldsLargestNetwork.com




Scan Your PC for Spyware Free

PC Speed Boost

Create Website Easily

Computer Monitoring Software

Internet Education

Anti Spy Software

Stop Pop Ups

Pop-up Eliminator

Adware Removal

Computer Virus Software

Free Scan Spyware Remover

IT Training

Security Software

Security Solutions

Software Protection

Speed Up PC

Virus Protection

Web Safety

Adware Remover and Spyware Protection

Animated Desktop Characters

Anti Virus Software

Audioexam Study Guides in Mp3 Format

Internet Privacy

Detection Connection

Investigate Anyone or Anything

Password Protection Software

Securing Privacy

Spyware Remover





Best of the Web 1 | Best of the Web 2 | Best of the Web 3 | Best of the Web 4


Worlds Largest Network

Active © 2006; WorldsLargestNetwork.com ; Rights Reserved