Take a sneak peek at the new NIST.gov and let us know what you think!
(Please note: some content may not be complete on the beta site.).
NIST Authors in Bold
|Author(s):||Kelley L. Dempsey; Ronald S. Ross; Kevin M. Stine;|
|Title:||Supplemental Guidance on Ongoing Authorization: Transitioning to Near Real-Time Risk Management|
|Published:||June 03, 2014|
|Abstract:||Office of Management and Budget (OMB) Memorandum M-14-03, Enhancing the Security of Federal Information and Information Systems, reminds Federal agencies that, "Our nation's security and economic prosperity depend on ensuring the confidentiality, integrity and availability of Federal information and information systems," and directs NIST to "publish guidance establishing a process and criteria for agencies to conduct ongoing assessments and authorization." The following guidance clarifies and amplifies current NIST guidance on security authorization contained in Special Publications 800-37, 800-39, 800-53, 800-53A, and 800-137.|
|Citation:||Computer Security Resource Center|
|Keywords:||Federal Information Security Management Act, Information Security Continuous Monitoring, Office of Management and Budget, Risk Management Framework, Ongoing Assessment, Ongoing Authorization|
|Research Areas:||Information Technology, Computer Security, Cybersecurity|
|PDF version:||Click here to retrieve PDF version of paper (219KB)|