NIST SP 800-34, Contingency Planning Guide for Federal Information Systems
- Discusses essential contingency plan elements and processes, highlights specific considerations and concerns associated with contingency planning for
various types of systems.
- Provides examples to assist readers in developing their own system contingency plans.
NIST SP 800-61, Computer Security Incident Handling Guide
- Assists organization in mitigating the risks from computer security incidents by
providing practical guidelines on responding to incidents effectively and efficiently.
- Guidelines on establishing an effective incident response program, and detecting, analyzing, prioritizing, and handling incidents.
NIST SP 800-128, Guide for Security-Focused Configuration Management of Information Systems
- Guidance focused on implementation of the system security aspects of configuration management, and as such the term security-focused configuration management (SecCM) is used to emphasize the concentration on information security.
- Details the process of applying SecCM practices to systems is described; the goal of SecCM activities is to manage and monitor the configurations of systems to achieve adequate security and minimize organizational risk while supporting the desired business functionality and services.
Many additional NIST publications, available on the CSRC.