NIST Releases Risk Management Publication Draft - NIST SP 800-39
May 22, 2008 // Published as a news service by IHS
| |
| Electronics & Telecom Docs |
IHS sells a full selection of standards documents & collections from the industry's top organizations.
To learn more, and for a free quote, please complete the form below. |
|
| |
The National Institute of Standards and Technology (NIST) released the second public draft of NIST Special Publication (SP) 800-39, Managing Risk from Information Systems: An Organizational Perspective.
This is the flagship publication in a series of standards and guidelines developed by NIST that relate to the Federal Information Security Management Act (FISMA).
Information technology is critical to the nation's economy, and threats to information systems are real and costly. These dangers can come from human error, environmental problems and planned attacks. They can compromise information confidentiality, integrity and availability.
Experts said SP 800-39 provides a framework for managing the risk arising from the operation and use of information systems and is built upon a common foundation of best security practices.
The target audience for this publication includes agency heads, chief information officers, information system designers, developers and administrators, auditors and inspectors general.
NIST is responsible for establishing information security standards and guidelines for federal agencies that own and operate information systems processing, storing or transmitting other than classified, national security-related information.
The agency also works closely with the U.S. Office of the Director of National Intelligence (ODNI) and the U.S. Department of Defense (DOD) to develop key information security standards and guidelines for use across the federal government.
Source: National Institute of Standards and Technology (NIST).