Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST SP 800-26 Rev. 1 (Initial Public Draft)

Guide for Information Technology Security Assessments and System Reporting Form

Date Published: August 2005
Comments Due: October 17, 2005 (public comment period is CLOSED)
Email Questions to:

Planning Note (01/09/2018):

Draft SP 800-26 Rev. 1 was retired on 2/1/2007 and never went "final".  See the SP 800-26 record for information on superseding publications. 


Marianne Swanson (NIST), Joan Hash (NIST), Mark Wilson (NIST), Richard Kissel (NIST)


The NIST Computer Security Division is pleased to announce for your review and comment draft NIST Special Publication 800-26 Revision 1, Guide for Information Security Program Assessments and System Reporting Form. This draft document brings the assessment process up to date with key standards and guidelines developed by NIST.



information security program assessment; security controls; system assessments
Control Families

None selected


Draft SP 800-26 Rev. 1 (pdf)

Supplemental Material:
None available

Related NIST Publications:
SP 800-26

Document History:
08/15/05: SP 800-26 Rev. 1 (Draft)


Security and Privacy

program management, risk assessment

Laws and Regulations

Federal Information Security Modernization Act