Search:

Newsletter:

US government releases security guidebook for IT managers

14 July 2008 05:06PM
Tags: security | guidebook | government

Related Articles

• IPv6 to boost US government security
• US government security data compromised
• US government failing on digital security
• Watchdog: U.S. government 'not ready' for consumer nanotech
• Security tops government IT agenda

The U.S. National Institute of Standards and Technology (NIST) has released a publication to help IT managers assess security controls.

The U.S. National Institute of Standards and Technology (NIST) last month released a new publication aimed at helping IT managers assess security controls in their information systems.

The “Special Publication 800-53A, Guide for Assessing the Security Controls in Federal Information Systems”, the document defines a process for determining if security controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting organisational security policies.

The publication is expected to be useful to IT managers who must satisfy requirements of the 2002 U.S. Federal Information Security Management Act (FISMA), as well as to IT professionals across the industry.

“When security controls are less than fully effective, information system vulnerabilities can be exploited by adversaries to compromise the confidentiality, integrity and availability of information processed, stored and transmitted by the system,” said Ron Ross, project leader, FISMA Implementation Project.

Additional tools and techniques for implementing the assessment procedures in Special Publication 800-53A are expected to be made available on the NIST Web site after July 25.