NIST has new certification guide

NIST Special Publication 800-37

Related Links

Guidelines for federal agencies to use in certifying and accrediting their information systems are available in a new document from the National Institute of Standards and Technology.

The document, "NIST Special Publication 800-37, Guide for the Security Certification and Accreditation of Federal Information Systems," is one of several publications that NIST officials have issued to help agencies comply with the Federal Information Security Management Act of 2002.

The guide offers a standardized set of procedures for agencies to use in evaluating an information system's various management, operational and technical security controls. It also offers suggestions for determining an acceptable level of risk associated with particular systems.

The new publication is meant to be used with two other NIST publications: "Federal Information Processing Standard Publication 199: Standards for Security Categorization of Federal Information and Information Systems" and "NIST Special Publication 800-53, Recommended Security Controls for Federal Information Systems." NIST has released a draft version of SP 800-53 for comment.

Featured

  • People
    Federal 100 logo

    Announcing the 2021 Federal 100 Award winners

    Meet the women and men being honored for their exceptional contributions to federal IT.

  • Comment
    Diverse Workforce (Image: Shutterstock)

    Who cares if you wear a hoodie or a suit? It’s the mission that matters most

    Responding to Steve Kelman's recent blog post, Alan Thomas shares the inside story on 18F's evolution.

Stay Connected