Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

SP 800-23

Guidelines to Federal Organizations on Security Assurance and Acquisition/Use of Tested/Evaluated Products

Date Published: August 2000

Withdrawn: August 01, 2018

Planning Note (8/1/2018): Withdrawn: Pre-dates many relevant laws, regulations, and executive directives, and does not reflect NIST’s current validation programsRisk Management Framework, or the Cybersecurity Framework. For a current overview, see SP 800-12 Rev. 1An Introduction to Information Security.

Author(s)

Edward Roback (NIST)

Abstract

Keywords

Assurance; computer security; evaluation; information assurance; IT security; security testing
Control Families

Security Assessment and Authorization; Risk Assessment; System and Services Acquisition;

Documentation

Publication:
SP 800-23 (DOI)
Local Download

Supplemental Material:
None available

Topics

Security and Privacy
acquisition; testing & validation