NIST Issues Final Guidelines on Computer Security Controls for Federal Systems

February 28, 2005

The Commerce Department’s National Institute of Standards and Technology (NIST) today released its final version of recommended security controls for federal information systems. The new guideline will be the basis for a proposal to be made later this year by NIST for a Federal Information Processing Standard (FIPS) that will become mandatory for federal agencies in December 2005.

“This document of security guidelines is going to play a key role in helping federal agencies effectively select and implement security controls and, by using a risk-based approach, do so in a cost-effective manner,” said Shashi Phoha, director of NIST’s Information Technology Laboratory.

This fourth and final version of Recommended Security Controls for Federal Information Systems (NIST Special Publication 800-53) includes changes based on more than 1,200 comments to earlier drafts. Expected to have a wide audience beyond the federal government, the publication recommends management, operational and technical controls needed to protect the confidentiality, integrity and availability of all federal information systems that are not national security systems. The controls cover 17 key security focus areas, including risk assessment, contingency planning, incident response, access control, and identification and authentication. The security guidelines also provide information on selecting the appropriate controls needed to achieve security for low-, moderate-, and high-impact information systems.

NIST SP 800-53 is one of a series of key standards and guidelines produced by NIST’s Computer Security Division to help federal agencies improve their security and comply with the Federal Information Security Management Act (FISMA) of 2002 and Office of Management and Budget security policies. Other recently published NIST security standards and guidelines include Standards for the Security Categorization of Federal Information and Information Systems (FIPS 199) and Guide for the Security Certification and Accreditation of Federal Information Systems (SP 800-37). All of NIST’s security standards and guidelines are available at http://csrc.nist.gov.

As a non-regulatory agency of the U.S. Department of Commerce’s Technology Administration, NIST develops and promotes measurement, standards and technology to enhance productivity, facilitate trade and improve the quality of life.

Source: NIST

