NIST issues draft federal information security standards
The National Institute of Standards and Technology (NIST) has issued an initial draft of recommended security controls for federal information systems and is seeking public comments for the next three months.
The controls outlined in the document will be published in the fall of 2005 and will be mandatory for all systems at civilian federal agencies, except those designated for national security.
NIST is advising private-sector organizations that operate components of critical infrastructure to review the draft.
The guidelines, once modified from agency and public comments, will be the basis for NIST's Federal Information Processing Standard. A 2002 information security law requires NIST to develop that standard.
Post a Comment
To post a comment, you must provide a name and a valid e-mail address. Messages must be limited to 400 words. By using this Service you agree not to post material that is obscene, harassing, defamatory, or otherwise objectionable. Although Government Executive does not monitor comments posted to this site (and has no obligation to), it reserves the right to delete, edit, or move any material that it deems to be in violation of this rule.