NIST releases ‘Managing Information Security Risk’

NIST has compiled set of guidelines for the Federal Information Security Management Act – that they say is their capstone document for FISMA implementation. NIST Special Publication 800-39 lays out a three-tiered risk-management system for agencies to use. The first tier identifies risk at the management level. Next, a strategy is planned out and then developed into a system. This is the fourth in five documents from the National Institute of Standards and Technology on FISMA reform.

This story is part of Federal News Radio’s daily Cybersecurity Update brought to you by Tripwire. For more cybersecurity news, click here.