U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

ITL Bulletin

Understanding the New NIST Standards and Guidelines Required by FISMA: How Three Mandated Documents are Changing the Dynamic of Information Security for the Federal Government

Date Published: November 2004


Ron Ross (NIST), Patricia Toth (NIST)



Federal Information Processing Standards; Federal Information Security Management Act; FISMA; information security; information system security; minimum security requirements; risk management; Risk Management Framework; SDLC; security categorization; security controls; System Development Life Cycle
Control Families

Audit and Accountability; Assessment, Authorization and Monitoring; Planning; Program Management; Risk Assessment


November 2004 ITL Bulletin

Supplemental Material:
None available

Document History:
11/01/04: ITL Bulletin


Security and Privacy
audit & accountability; planning; risk assessment