Radack, S.
(2006),
Minimum Security Requirements for Federal Information and Information Systems: Federal Information Processing Standard (FIPS) 200 Approved by the Secretary of Commerce, ITL Bulletin, National Institute of Standards and Technology, Gaithersburg, MD, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=150635 (Accessed May 6, 2026)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Minimum Security Requirements for Federal Information and Information Systems: Federal Information Processing Standard (FIPS) 200 Approved by the Secretary of Commerce
Published
Author(s)
Abstract
This bulletin provides information on the applicability and implementation of FIPS 200, Minimum Security Requirements for Federal Information and Information Systems. It advises Federal agencies of the requirements under the Federal Information Security Management Act (FISMA) of 2002 to categorize their information systems in accordance with FIPS 199, Standards for the Security Categorization of Federal Information and Information Systems, and to provide appropriate security for information and systems, based on levels of risk. FIPS 200 helps agencies to select an appropriate set of security controls from NIST Special Publication (SP) 800-53, Recommended Security Controls for Federal Information Systems, to satisfy their minimum security requirements.Citation
ITL Bulletin -
NIST Pub Series
Pub Type
NIST Pubs
Download Paper
Keywords
Federal Information Processing Standard, Federal Information Security Management Act, levels of risk, minimum security requirements, security categorization, security controls
Citation
Issues
If you have any questions about this publication or are having problems accessing it, please contact [email protected].
Created March 24, 2006, Updated January 27, 2020