Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

ITL Bulletin

Recommended Security Controls for Federal Information Systems: Guidance for Selecting Cost-Effective Controls Using a Risk-Based Process

Date Published: May 2005


Shirley Radack (NIST)



Federal Information Processing Standards; Federal Information Security Management Act; FISMA; information security; information system security; minimum security requirements; NIST Special Publications; risk management; Risk Management Framework; security categorization; security controls;
Control Families

None selected


No Download Available

Supplemental Material:
None available

Document History:
05/01/05: ITL Bulletin (Final)