NIST supplies IT security handbook to managers

The National Institute of Standards and Technology has released a draft of its Information Security Handbook. The handbook provides an overview of information security measures to give managers a better understanding of how to implement an information security program.

According to NIST’s computer security resource center, the purpose of the handbook is to inform the information security management team about expected implementation and oversight of various aspects of information security in their organizations. The publication includes summaries of existing NIST publications and standards.

The 124-page document includes a section on designing, implementing and overseeing a program for awareness and training for information security standards. Other topics include summaries of the responsibilities of agency heads, developing a life cycle for systems development and detailing specific performance metrics for systems evaluation. There is an extensive Frequently Asked Questions section toward the end of the publication.

NIST is requesting that comments on the handbook be sent to [email protected] NIST will be accepting comments until August 7.

Featured

  • Image: Shutterstock

    COVID, black swans and gray rhinos

    Steven Kelman suggests we should spend more time planning for the known risks on the horizon.

  • IT Modernization
    businessman dragging old computer monitor (Ollyy/Shutterstock.com)

    Pro-bono technologists look to help cash-strapped states struggling with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help.

Stay Connected