NIST invites comment on draft standard

NIST Draft Special Publication 800-53A

Computer scientists at the National Institute of Standards and Technology have released draft versions of two documents that they consider to be among the most important in a recent series of NIST documents on information security.

One is a small publication describing minimum security requirements that will become mandatory after the Commerce Department secretary signs the document, as he is expected to do at the end of this year. That document is "Draft Federal Information Processing Standard (FIPS) Publication 200: Minimum Security Requirements for Federal Information and Information Systems."

A second document, "Draft Special Publication 800-53A: Guide for Assessing the Security Controls in Federal Information Systems," is a 152-page guide to developing a cost-effective information security program based an agency’s assessment of its risks.

Both documents are meant to help federal agencies secure their information systems and comply with the Federal Information Security Management Act (FISMA) of 2002, NIST officials said.

“We have attempted to provide a security standard that establishes a level of security due diligence for federal agencies in protecting their information and information systems,” Ron Ross, project leader for NIST’s FISMA Implementation Project, writes in the introduction to "FIPS Publication 200."

NIST will accept comments on "Draft Special Publication 800-53A" until 5 p.m. EDT Aug. 31 at sec-cert@nist.gov. Comments on "Draft FIPS Publication 200" will be accepted until 5 p.m. EDT Sept. 13 at draftfips200.nist.gov.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.