NIST provides security guide for managers

Information Security Handbook: A Guide for Managers

Related Links

The National Institute of Standards and Technology has put together a guide to information security tailored specifically for top-level managers.

The publication, "Information Security Handbook: A Guide for Managers," was written for chief information officers, chief information security officers and other officials who have a vested interest in the security of agency systems but who do not necessarily need to get into the nuts and bolts on a daily basis.

The guide focuses on issues that typically arise when planning and implementing a security program, according to NIST.

One chapter, for example, looks at security governance, providing a breakdown of the different security-related responsibilities that must be handled by an agency's management team. The CIO should appoint a CISO to develop and maintain security policies and procedures, the guidelines state, but "information owners" -- individuals who actually manage information -- should be the ones to decide the appropriate use and distribution of their data.

NIST developed the handbook to help managers address the requirements of various security policies and laws, such as the Clinger-Cohen Act of 1996 and the Federal Information Security Management Act. NIST intends the guidelines to be generic, something agencies can tailor to their specific technical and business requirements.

By providing a top-level look at security issues, the handbook "provides guidance for facilitating a more consistent approach to information security programs across the federal government," according to the guidance.

Featured

  • Defense
    The U.S. Army Corps of Engineers and the National Geospatial-Intelligence Agency (NGA) reveal concept renderings for the Next NGA West (N2W) campus from the design-build team McCarthy HITT winning proposal. The entirety of the campus is anticipated to be operational in 2025.

    How NGA is tackling interoperability challenges

    Mark Munsell, the National Geospatial-Intelligence Agency’s CTO, talks about talent shortages and how the agency is working to get more unclassified data.

  • Veterans Affairs
    Veterans Affairs CIO Jim Gfrerer speaks at an Oct. 10 FCW event (Photo credit: Troy K. Schneider)

    VA's pivot to agile

    With 10 months on the job, Veterans Affairs CIO Jim Gfrerer is pushing his organization toward a culture of constant delivery.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.