NIST has new certification guide

Guidelines for federal agencies to use in certifying and accrediting their information systems are available in a new document from the National Institute of Standards and Technology.

The document, "NIST Special Publication 800-37, Guide for the Security Certification and Accreditation of Federal Information Systems," is one of several publications that NIST officials have issued to help agencies comply with the Federal Information Security Management Act of 2002.

The guide offers a standardized set of procedures for agencies to use in evaluating an information system's various management, operational and technical security controls. It also offers suggestions for determining an acceptable level of risk associated with particular systems.

The new publication is meant to be used with two other NIST publications: "Federal Information Processing Standard Publication 199: Standards for Security Categorization of Federal Information and Information Systems" and "NIST Special Publication 800-53, Recommended Security Controls for Federal Information Systems." NIST has released a draft version of SP 800-53 for comment.
