![]() ![]() Security assessments can be conducted as self-assessments independent, third-party assessments or government-sponsored assessments and can be applied with various degrees of rigor, based on customer-defined depth and coverage attributes. The assessment procedures are flexible and can be customized to the needs of the organizations and the assessors conducting the assessments. This publication provides federal and nonfederal organizations with assessment procedures and a methodology that can be employed to conduct assessments of the CUI security requirements in NIST Special Publication 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations. The protection of Controlled Unclassified Information (CUI) resident in nonfederal systems and organizations is of paramount importance to federal agencies and can directly impact the ability of the federal government to successfully conduct its assigned missions and business operations. The very insightful comments from the public and private sectors, nationally and internationally, continue to help shape the final publication to ensure that it meets the needs and expectations of our customers. ![]() We appreciate each contribution from our reviewers. Your feedback on this draft publication is important to us. Providing supplemental guidance to explain and interpret the CUI security requirements.Facilitating different levels of assurance in security assessments by varying the scope and rigor of the assessment through selectable depth and coverage attributes and.Describing a set of assessment objects to which the methods can be applied.Specifying assessment methods that can be used to generate evidence and produce findings and results.Defining assessment objectives to help guide and inform the assessment.Providing flexible and tailorable assessment procedures for the CUI security requirements.This publication is intended to help organizations develop assessment plans and conduct efficient, effective, and cost-effective assessments of the security requirements in NIST Special Publication 800-171, Protecting Controlled Unclassified Information is Nonfederal Systems and Organizations. NIST announces the release of Draft Special Publication 800-171A, Assessing Security Requirements for Controlled Unclassified Information. Comments Due: Janu(public comment period is CLOSED)Įmail Questions to: Ross (NIST), Kelley Dempsey (NIST), Victoria Pillitteri (NIST) Announcement ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |