You are viewing this page in an unauthorized frame window. Search Search. Journal Articles Conference Papers Books. Technologies Sectors. Publications SP Rev. Superseded by SP Rev. Author s Joint Task Force Transformation Initiative Abstract This publication provides a catalog of security and privacy controls for federal information systems and organizations and a process for selecting controls to protect organizational operations including mission, functions, image, and reputation , organizational assets, individuals, other organizations, and the Nation from a diverse set of threats including hostile cyber attacks, natural disasters, structural failures, and human errors both intentional and unintentional.
This publication provides a catalog of security and privacy controls for federal information systems and organizations and a process for selecting controls to protect organizational operations including mission, functions, image, and reputation , organizational assets, individuals, other See full abstract.
Hide full abstract. Documentation Publication: SP Rev. Official websites use. Share sensitive information only on official, secure websites. Author s Ronald S. Ross , L A. The updated security assessment guideline incorporates best practices in information security from the United States Department of Defense, Intelligence Community, and Civil agencies and includes security control assessment procedures for both national security and non national security systems. The guideline for developing security assessment plans is intended to support a wide variety of assessment activities in all phases of the system development life cycle including development, implementation, and operation.
The important changes described in Special Publication A, Revision 1, are part of a larger strategic initiative to focus on enterprise-wide, near real-time risk management. The increased flexibility in the selection of assessment methods, assessment objects, and depth and coverage attribute values empowers organizations to place the appropriate emphasis on the assessment process at every stage in the system development life cycle.
0コメント