Based on the Federal IT Security Assessment Framework, ITL’s governmentwide information security assessment tool, Automated Security SelfEvaluation Tool (ASSET), assists federal agencies in improving the security of their information systems and resources. ASSET automates the completion of ITL’s security questionnaire, which was published in NIST Special Publication (SP) 800-26, Security SelfAssessment Guide for Information Technology Systems, by Marianne Swanson. Guidance from the Office of Management and Budget directs federal agencies to use this document as the basis for conducting their annual reviews under the Federal Information Security Management Act (FISMA). Through interpretation of the questionnaire results, users are able to assess the IT security posture for any number of systems within their organization and, in particular, assess the status of the organization's security program plan. This ITL Bulletin describes the features and capabilities of ASSET, which is freely available at http://csrc.nist.gov/asset.
Based on the Federal IT Security Assessment Framework, ITL’s governmentwide information security assessment tool, Automated Security SelfEvaluation Tool (ASSET), assists federal agencies in improving the security of their information systems and resources. ASSET automates the completion of ITL’s...
See full abstract
Based on the Federal IT Security Assessment Framework, ITL’s governmentwide information security assessment tool, Automated Security SelfEvaluation Tool (ASSET), assists federal agencies in improving the security of their information systems and resources. ASSET automates the completion of ITL’s security questionnaire, which was published in NIST Special Publication (SP) 800-26, Security SelfAssessment Guide for Information Technology Systems, by Marianne Swanson. Guidance from the Office of Management and Budget directs federal agencies to use this document as the basis for conducting their annual reviews under the Federal Information Security Management Act (FISMA). Through interpretation of the questionnaire results, users are able to assess the IT security posture for any number of systems within their organization and, in particular, assess the status of the organization's security program plan. This ITL Bulletin describes the features and capabilities of ASSET, which is freely available at http://csrc.nist.gov/asset.
Hide full abstract
Keywords
Automated Security Self-Evaluation Tool; security assessment tool