Skip to main content
U.S. flag

An official website of the United States government

National Checklist Program for IT Products Guidelines for Checklist Users and Developers

Published

Author(s)

Stephen Quinn, Karen A. Scarfone, Murugiah Souppaya

Abstract

[Superseded by SP 800-70 Rev. 2 (February 2011): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=907732] A security configuration checklist is a series of instructions for configuring a product to a particular operational environment. Checklists can comprise templates or automated scripts, patches or patch descriptions, XML files, and other procedures. Checklists are intended to be tailored by each organization to meet its particular security and operational requirements. The use of well-written, standardized checklists can markedly reduce the vulnerability exposure of IT products. This publication gives an overview of the NIST National Checklist Program, explains how to retrieve checklists from the NIST National Checklist Repository, and provides general information about threat discussions and baseline technical security practices for associated operational environments. [Supersedes SP 800-70 (May 2005): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=150235]
Citation
Special Publication (NIST SP) - 800-70 Rev 1
Report Number
800-70 Rev 1

Keywords

Checklist, National Checklist Program, security checklist, security configuration, security configuration checklist

Citation

Quinn, S. , Scarfone, K. and Souppaya, M. (2009), National Checklist Program for IT Products Guidelines for Checklist Users and Developers, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD (Accessed December 13, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created September 29, 2009, Updated October 12, 2021