http://gcn.com/articles/2009/02/24/cag-no-substitute-for-fisma.aspx By William Jackson GCN.com Feb 24, 2009 A collaborative effort by government and private sector organizations has produced a prioritized set of security controls for information technology systems that are amenable to automated monitoring. The controls were released for public review yesterday as the Consensus Audit Guidelines (CAG). These guidelines neither duplicate nor replace guidance for complying with federal IT security requirements. The National Institute of Standards and Technology (NIST), charged with developing standards and guidelines for complying with the Federal Information Security Management Act (FISMA), has produced a comprehensive set of recommended security controls that covers much of the same territory as CAG. “We included many of the same control elements addressed in the CAG initiative,” said Ron Ross, senior computer scientist at NIST. [...] _______________________________________________ Best Selling Security Books and More! http://www.shopinfosecnews.org/Received on Tue Feb 24 2009 - 23:28:37 PST
This archive was generated by hypermail 2.2.0 : Tue Feb 24 2009 - 23:32:32 PST