NIST has compiled a set of guidelines for the Federal Information Security Management Act, which they say is their capstone document for FISMA implementation. NIST Special Publication 800-39 lays out a three-tiered risk-management system for agencies to use. The first tier identifies risk at the management level. Next, a strategy is planned out and then developed into a system. This is the fourth of five documents from the National Institute of Standards and Technology on FISMA reform.
This story is part of Federal News Radio’s daily Cybersecurity Update brought to you by Tripwire.
Tom Temin is the host of The Federal Drive, which airs from 6-9 a.m. on 1500 AM in the Washington, DC region and online everywhere. Tom has 30 years of experience in journalism, mostly in technology markets. Before coming to Federal News Radio, he was a long-serving editor-in-chief of Government Computer News and Washington Technology magazines.