-
作者NIST
-
简介
In addition to the expansion of the security control catalog, Special Publication 800-53, Revision 3 contains significant changes including:
-
A simplified, six-step Risk Management Framework;
-
Additional security controls and control enhancements for advanced cyber threats;
-
Recommendations for prioritizing or sequencing security controls during implementation or deployment;
-
Revised security control structure with a new references section to list applicable federal laws, Executive Orders, directives, policies, standards, and guidelines related to a control;
-
Elimination of security requirements from Supplemental Guidance sections;
-
Guidance on using the Risk Management Framework for legacy information systems and for external providers of information system services;
-
Updates to security control baselines consistent with current threat information and known cyber attacks;
-
Removal of the FIPS 199 security control baseline allocation bar resident with each control;
-
Organization-level security controls for managing information security programs;
-
Guidance on the management of common controls within organizations; and
-
Strategy for harmonizing FISMA security standards and guidelines with international security standard ISO/IEC 27001.
-
-
提示本站仅做资料的整理和索引,转载引用请注明出处
相关推荐
-
2016-03-17 03:28:27 -
2016-02-24 16:25:03 -
2016-03-16 04:49:23 -
2016-03-17 03:05:08
