Risk Management is a required administrative safeguard -- HIPAA Security Rule
164.308(a)(1)(ii)(B).

Below is information about DRAFT SP 800-39, Managing Risk from Information
Systems: An Organizational Perspective. It is worth the read. It is not
technical; it is about managing technology. You are invited to read the draft.
Please feel free to submit your comments to NIST in preparation of the final
publication.

Regards,
Barbara McGowin

From: compsecpubs@... [mailto:compsecpubs@...] On Behalf Of Patrick O'Reilly
Sent: Thursday, October 25, 2007 3:26 PM
To: Multiple recipients of list
Subject: Release of NIST Draft Special Publication 800-39

DRAFT SP 800-39, Managing Risk from Information Systems: An Organizational Perspective

NIST announces the release of the initial public draft of Special Publication
800-39, Managing Risk from Information Systems: An Organizational Perspective.
This publication provides guidelines for managing risk to organizational
operations, organizational assets, individuals, other organizations, and the
Nation resulting from the operation and use of information systems. Special
Publication 800-39 is the flagship document in the series of FISMA-related
publications developed by NIST and provides a disciplined, structured,
flexible, extensible, and repeatable approach for managing that portion of risk
resulting from the incorporation of information systems into the mission and
business processes of the organization. Comments will be accepted through
December 14, 2007. Email comments to: sec-cert@...
URL to DRAFTS page:
http://csrc.nist.gov/publications/PubsDrafts.html
URL to PDF file for Draft SP 800-39:
http://csrc.nist.gov/publications/drafts/800-39/SP-800-39-ipd.pdf