NIST - zve?ejn?n draft FIPS 200 - Minimum Security Requirements for Federal Information and Information Systems 14.07.2005
NIST's Computer Security Division has completed the initial public draft of Federal Information Processing Standards (FIPS) Publication 200, Minimum Security Requirements for Federal Information and Information Systems. The draft standard is one of a series of key standards and guidelines developed by NIST to help federal agencies improve their information technology security and comply with the Federal Information Security Management Act (FISMA) of 2002. Zdroj: http://csrc.ncsl.nist.gov/publications/drafts/FIPS-200-ipd-07-13-2005.pdf
FIPS Publication 200 provides:
(i) a specification for minimum security requirements for federal information and information systems;
(ii) a standardized, risk-based approach (as described in FIPS Publication 199, Standards for Security Categorization of Federal Information and Information Systems) for selecting security controls in a cost-effective manner; and
(iii) links to NIST Special Publication 800-53 (Recommended Security Controls for Federal Information Systems) that recommends management, operational, and technical controls needed to protect the confidentiality, integrity, and availability of all federal information systems that are not national security systems.