Read and reap the benefits! Your comments are invited.
From: compsecpubs@... [mailto:compsecpubs@...] On Behalf Of Patrick O'Reilly
Sent: Tuesday, August 19, 2008 2:12 PM
To: Multiple recipients of list
Subject: NIST Releases Special Publication 800-37 Revision 1
NIST announces the completion of an interagency project to develop a
common process to authorize federal information systems for operation. The
initial public draft of NIST Special Publication 800-37, Revision 1, Guide for Security Authorization of Federal
Information Systems: A Security Lifecycle Approach, is now available
for a six-week public comment period. The publication contains the proposed new
security authorization process for the federal government (currently commonly
referred to as certification and accreditation, or C&A). The new process is
consistent with the requirements of the Federal Information Security Management
Act (FISMA) and the Office of Management and Budget (OMB) Circular A-130,
Appendix III, promotes the concept of near real-time risk management based on
continuous monitoring of federal information systems, and more closely couples
information security requirements to the Federal Enterprise Architecture (FEA)
and System Development Life Cycle (SDLC).
To learn more about this public draft of SP 800-37, Revision 1, please visit
the Drafts page on the NIST Computer Security Resource Center (CSRC) at:
http://csrc.nist.gov/publications/PubsDrafts.html#800-37_Rev1
Pat O'Reilly
List Administrator for the Computer Security Publications (compsecpubs) mailing list
Computer Security Division
NIST