NIST has released Draft Special Publication (SP) 800-137A, "Assessing Information Security Continuous Monitoring (ISCM) Programs: Developing an ISCM Program Assessment." Public comments are due by February 28, 2020.

NIST has released Draft NISTIR 8011 Volume 4, "Automation Support for Security Control Assessments: Software Vulnerability Management," for public comment.  The comment period ends December 20, 2019.

NIST has updated Special Publication (SP) 800-128, "Guide for Security-Focused Configuration Management of Information Systems"

The NCCoE has released Draft SP 1800-23, "Energy Sector Asset Management," for public comment. The comment period ends November 25, 2019.

The NCCoE at NIST has posted to data confidentiality draft project descriptions for public comment. Comments are due by July 29, 2019.

The NCCoE has posted two draft Project Descriptions for public comment. Detecting and protecting against data integrity attacks in industrial control systems (ICS) closes July 25th. Continuous Monitoring (for small and...

NIST has published an update to its Risk Management Framework specification, in NIST Special Publication (SP) 800-37 Revision 2.

NIST's NCCoE has released Draft NIST Internal Report (NISTIR) 8219, "Securing Manufacturing Industrial Control Systems: Behavioral Anomaly Detection." Public comments may be submitted until December 6, 2018.

The final public draft of NIST SP 800-37 Revision 2, Risk Management Framework for Information Systems and Organizations--A System Life Cycle Approach for Security and Privacy, is now available. The public comment...

The initial public draft of SP 800-37 Revision 2, Risk Management Framework for Information Systems and Organizations, is available for public comment until June 22, 2018.