Recommendations for Integrating Information Security into the Capital Planning and Investment Control Process

Bowen, Pauline; Kissel, Richard; Scholl, Matthew; Robinson, Will; Stansfield, Jessica; Voldish, Lisa

NIST SP 800-65 Rev. 1 (Initial Public Draft)

Further development of this draft has ceased (March 28, 2016).

Recommendations for Integrating Information Security into the Capital Planning and Investment Control Process

Date Published: July 2009
Comments Due: August 14, 2009 (public comment period is CLOSED)
Email Questions to:

Planning Note (03/28/2016):

This draft publication has been retired.

Author(s)

Pauline Bowen (NIST), Richard Kissel (NIST), Matthew Scholl (NIST), Will Robinson, Jessica Stansfield, Lisa Voldish

Announcement

NIST announces that Draft Special Publication (SP) 800-65 Revision 1, Recommendations for Integrating Information Security into the Capital Planning and Investment Control Process (CPIC), has been released for public comment. SP 800-65 is intended to help organizations in integrating information security into their CPIC processes by providing guidance on selecting, managing, and evaluating information security investments and accounting for information security in all IT investments.

The public comment period closed on August 14, 2009.

Abstract

SP 800-65 is intended to help organizations in integrating information security into their CPIC processes by providing guidance on selecting, managing, and evaluating information security investments and accounting for information security in all IT investments.

Control Families

Assessment, Authorization and Monitoring; Planning; Program Management; Risk Assessment; System and Services Acquisition

Documentation

Publication:
Draft SP 800-65 Rev. 1 (July 2009) (pdf)

Supplemental Material:
None available

Document History:
07/14/09: SP 800-65 Rev. 1 (Draft)

Topics

Security and Privacy

acquisition

Laws and Regulations

OMB Circular A-11