Date Published: January 17, 2024
Comments Due: March 18, 2024 (public comment period is CLOSED)
Email Questions to:
cyber-measures@list.nist.gov
The initial public drafts (ipd) of NIST Special Publication (SP) 800-55, Measurement Guide for Information Security, Volume 1 – Identifying and Selecting Measures and Volume 2 – Developing an Information Security Measurement Program are available for comment after extensive research, development, and customer engagement.
In response to the feedback from the pre-draft call for comment and initial working draft (annotated outline), NIST continued to refine the publications by organizing the guidance into two volumes and developing more actionable and focused guidance in each.
The public comment period is open now through March 18, 2024. We strongly encourage you to use these comment templates for Vol. 1 and Vol. 2, if possible, and submit it to cyber-measures@list.nist.gov.
Reviewers are encouraged to comment on all or part of each draft volume. NIST is specifically interested in comments, feedback, and recommendations for the following topics:
Volume 1:
Volume 2:
Please direct questions and comments to cyber-measures@list.nist.gov.
NOTE: A call for patent claims is included on page ii of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy – Inclusion of Patents in ITL Publications.
None selected
Publication:
https://doi.org/10.6028/NIST.SP.800-55v2.ipd
Download URL
Supplemental Material:
Comment template (xlsx)
NIST news article
Publication Volumes:
SP 800-55 Vol. 1
Document History:
09/24/20: SP 800-55 Rev. 2 (Draft)
11/14/22: SP 800-55 Rev. 2 (Draft)
01/17/24: SP 800-55 Vol. 2 (Draft)
12/04/24: SP 800-55 Vol. 2 (Final)
audit & accountability, maintenance, planning, risk management, security measurement
Laws and Regulations