NIST releases ‘Managing Information Security Risk’

The National Institute of Standards and Technology has released the final version of its guidelines for information risk management.

NIST has compiled set of guidelines for the Federal Information Security Management Act – that they say is their capstone document for FISMA implementation. NIST Special Publication 800-39 lays out a three-tiered risk-management system for agencies to use. The first tier identifies risk at the management level. Next, a strategy is planned out and then developed into a system. This is the fourth in five documents from the National Institute of Standards and Technology on FISMA reform.

This story is part of Federal News Radio’s daily Cybersecurity Update brought to you by Tripwire. For more cybersecurity news, click here.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.