Citation Edit

NIST, Security Self-Assessment Guide for Information Technology Systems (NIST Special Publication 800-26) (Nov. 2001) (full-text).

NOTE: NIST Special Publication 800-26 was superseded by NIST Special Publication 800-53 (Rev. 3) and the NIST Special Publication 800-53A (Rev. 1). Agencies are required to use FIPS 200/NIST Special Publication 800-53 for the specification of security controls and NIST Special Publication 800-53A for the assessment of security control effectiveness.

Overview Edit

This document built on the Federal IT Security Assessment Framework (Framework) developed by NIST for the Federal Chief Information Officers Council. The Framework established the groundwork for standardizing on five levels of security status and criteria agencies could use to determine if the five levels were adequately implemented. This document provided guidance on applying the Framework by identifying 17 control areas, such as those pertaining to identification and authentication and contingency planning. In addition, the guide provided control objectives and techniques that could be measured for each area.

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.