http://gcn.com/articles/2009/03/09/update1-cag-security-controls.aspx By William Jackson GCN.com Mar 09, 2009 The information technology security controls recently released as the Consensus Audit Guidelines are not intended to replace guidance for complying with federal IT security requirements. But they could complement those efforts by supplying a prioritized baseline of controls. The National Institute of Standards and Technology, charged with developing standards and guidelines for complying with the Federal Information Security Management Act (FISMA), has produced a comprehensive set of recommended security controls that covers much of the same territory as CAG, which was developed by a group of government and private-sector organizations. "We included many of the same control elements addressed in the CAG initiative," said Ron Ross, a senior computer scientist at NIST. NIST recently released for review its first major update of the guidelines, Special Publication 800-53, titled "Recommended Security Controls for Federal Information Systems and Organizations." When the public review for SP 800-53 ends March 27, the two documents could be more closely aligned. [...] _______________________________________________ Best Selling Security Books and More! http://www.shopinfosecnews.org/Received on Mon Mar 09 2009 - 09:53:53 PDT
This archive was generated by hypermail 2.2.0 : Mon Mar 09 2009 - 09:56:17 PDT