http://www.fcw.com/article94829-06-08-06-Web By Wade-Hahn Chan June 8, 2006 The National Institute of Standards and Technology has released a draft of its Information Security Handbook. The handbook provides an overview of information security measures to give managers a better understanding of how to implement an information security program. According to NIST's computer security resource center, the purpose of the handbook is to inform the information security management team about expected implementation and oversight of various aspects of information security in their organizations. The publication includes summaries of existing NIST publications and standards. The 124-page document includes a section on designing, implementing and overseeing a program for awareness and training for information security standards. Other topics include summaries of the responsibilities of agency heads, developing a life cycle for systems development and detailing specific performance metrics for systems evaluation. There is an extensive Frequently Asked Questions section toward the end of the publication. NIST is requesting that comments on the handbook be sent to handbk-100@private NIST will be accepting comments until August 7. _________________________________ Attend the Black Hat Briefings and Training, Las Vegas July 29 - August 3 2,500+ international security experts from 40 nations, 10 tracks, no vendor pitches. www.blackhat.com
This archive was generated by hypermail 2.1.3 : Fri Jun 09 2006 - 10:02:33 PDT