Quick Bytes: Security controls

By Peter Piazza

To comply with the government’s Federal Information Security Management Act of 2002 (FISMA), federal agencies must apply baseline security controls. Since agencies have different mission requirements and operational environments, finding the right baseline can be difficult. The National Institute of Standards and Technology (NIST) has released a draft of its Recommended Security Controls for Federal Information Systems, a comprehensive paper that outlines three classes and 17 “families” of security controls, and mapped these to standards including those from ISO and Department of Defense. The paper can be useful to private sector security personnel as well. @ You can download the NIST paper at SM Online.

nist_security_controls1206.pdf1.25 MB



The Magazine — Past Issues


Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.