Computer Security Resource Center

ITL Bulletin November 2004

Understanding the New NIST Standards and Guidelines Required by FISMA: How Three Mandated Documents are Changing the Dynamic of Information Security for the Federal Government

Date Published: November 2004

Author(s)

Ron Ross (NIST), Patricia Toth (NIST)

Abstract

Keywords

Federal Information Processing Standards; Federal Information Security Management Act; FISMA; information security; information system security; minimum security requirements; risk management; Risk Management Framework; SDLC; security categorization; security controls; System Development Life Cycle

Control Families

Audit and Accountability; Security Assessment and Authorization; Planning; Program Management; Risk Assessment

Documentation

Publication:
November 2004 ITL Bulletin

Supplemental Material:
None available

Topics

Security and Privacy
audit & accountability; planning; risk assessment