NIST issues computer security guidelines for federal agencies

SHARE
RELATED
The National Institute of Standards and Technology has issued the first in a series of standards and guidelines designed to help federal agencies implement a 2002 law mandating greater government computer security.

Released on Feb. 10, the standard is used to calculate the impact of a loss of integrity, confidentiality or availability of agency computer systems and data.

"This starts the whole process," said Stu Katzke, a scientist with NIST's computer-security division, adding that agencies previously had to choose their own guidelines to establish security needs.

Standards on security certification and accreditation for federal systems are expected to be finalized later this spring.

Guidance on categorizing secure systems is expected in August and on actual security controls in December.

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
JOIN THE DISCUSSION

By using this service you agree not to post material that is obscene, harassing, defamatory, or otherwise objectionable. Although GovExec.com does not monitor comments posted to this site (and has no obligation to), it reserves the right to delete, edit, or move any material that it deems to be in violation of this rule.

More from GovExec
Obama? Romney? Flip a Coin
» May 29