[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] Common IT security framework for government gets a step closer
From: InfoSec News <alerts () infosecnews ! org>
Date: 2012-09-24 8:29:25
Message-ID: alpine.DEB.2.02.1209240329140.25856 () infosecnews ! org
[Download RAW message or body]
http://gcn.com/articles/2012/09/21/nist-risk-assessment-guide.aspx
By William Jackson
GCN.com
Sep 21, 2012
The National Institute of Standards and Technology has released revised
guidelines for risk assessment, outlining updated steps for establishing
risk-based security in federal information systems.
Risk assessment is identifying, estimating and prioritizing the risks to
an organization's operations and assets so that they can be effectively
addressed.
Special Publication 800-30 Rev. 1, Guide for Conducting Risk
Assessments, is the last of five documents initially planned by an
interagency task force to help harmonize IT security requirements across
civilian agencies, the military and the intelligence communities. The
significance of the effort is enormous, said Ron Ross, a NIST fellow in
the Computer Security Division.
"For the first time in over four decades we are moving toward a common
information security framework for all government," Ross said. "It's
going to take a while to get all of the documents operationalized, but
the transition is well under way."
[...]
--
ExpandingSecurity.com Live OnLine classes won’t wreck your schedule.
Get that cert and be done before 2012 ends. Last ISSAP 2012 class starts
Sept. 25th. Last 2012 CISSP and CEH starts Oct. 1:
CEH info signup: http://www.expandingsecurity.com/product/ceh-certified-ethical-hacker-online/
CISSP info signup: http://www.expandingsecurity.com/product/cissp-live-online-10-week-course/
ISSAP info signup: http://www.expandingsecurity.com/product/issap-information-systems-security-architecture-professional/ \
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic