Standards for Security Categorization of Federal Information and Information Systems

National Institute of Standards and Technology

doi:https://doi.org/10.6028/NIST.FIPS.199

FIPS 199

Standards for Security Categorization of Federal Information and Information Systems

Documentation Topics

Date Published: February 2004

Planning Note (3/17/2023): Send inquiries about this publication to sec-cert@nist.gov.

Author(s)

National Institute of Standards and Technology

Abstract

The purpose of this document is to provide a standard for categorizing federal information and information systems according to an agency's level of concern for confidentiality, integrity, and availability and the potential impact on agency assets and operations should their information and information systems be compromised through unauthorized access, use, disclosure, disruption, modification, or destruction.

Keywords

Federal information; Federal information systems; FIPS; classification; security

Control Families

Audit and Accountability; Assessment, Authorization and Monitoring; Planning; Program Management; Risk Assessment

Documentation

Publication:
FIPS 199 (DOI)
Local Download

Supplemental Material:
None available

Related NIST Publications:
FIPS 200

Document History:
02/01/04: FIPS 199 (Final)

Topics

Security and Privacy
audit & accountability; planning; risk assessment

Laws and Regulations
E-Government Act; Federal Information Security Modernization Act; Homeland Security Presidential Directive 7; OMB Circular A-130