NIST issues computer security guidelines for federal agencies

The National Institute of Standards and Technology has issued the first in a series of standards and guidelines designed to help federal agencies implement a 2002 law mandating greater government computer security.

Released on Feb. 10, the standard is used to calculate the impact of a loss of integrity, confidentiality or availability of agency computer systems and data.

"This starts the whole process," said Stu Katzke, a scientist with NIST's computer-security division, adding that agencies previously had to choose their own guidelines to establish security needs.

Standards on security certification and accreditation for federal systems are expected to be finalized later this spring.

Guidance on categorizing secure systems is expected in August and on actual security controls in December.

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Sponsored by eSignLive by VASCO

    Mobile E-Signatures for Government

    Learn 5 key trends that accelerate government demand for mobile signing.

  • Sponsored by Management Concepts

    SPONSORED: Successful Change Management Practices in the Public Sector

    How governmental agencies implement organizational change management.

  • Sponsored by Kronos

    Solving the Workforce Compliance Challenge

    Download this eBook to learn how data and automation can help state and local agencies.


When you download a report, your information may be shared with the underwriters of that document.