主页 / NIST系列 / 美国联邦信息系统的安全控制推荐NIST SP800-53-rev3-FPD-clean
  • 作者
    NIST
  • 简介

    In addition to the expansion of the security control catalog, Special Publication 800-53, Revision 3 contains significant changes including:

    • A simplified, six-step Risk Management Framework;

    • Additional security controls and control enhancements for advanced cyber threats;

    • Recommendations for prioritizing or sequencing security controls during implementation or deployment;

    • Revised security control structure with a new references section to list applicable federal laws, Executive Orders, directives, policies, standards, and guidelines related to a control;

    • Elimination of security requirements from Supplemental Guidance sections;

    • Guidance on using the Risk Management Framework for legacy information systems and for external providers of information system services;

    • Updates to security control baselines consistent with current threat information and known cyber attacks;

    • Removal of the FIPS 199 security control baseline allocation bar resident with each control;

    • Organization-level security controls for managing information security programs;

    • Guidance on the management of common controls within organizations; and

    • Strategy for harmonizing FISMA security standards and guidelines with international security standard ISO/IEC 27001.

  • 提示
    本站仅做资料的整理和索引,转载引用请注明出处
附件下载
  • 美国联邦信息系统的安全控制推荐NIST.sp800.53.rev3.FPD.clean.pdf
    时间: 大小: 2.34 M 下载: 48
  • 美国联邦信息系统的安全控制推荐NIST.sp800.53.rev2.final.pdf
    时间: 大小: 1.49 M 下载: 13
  • sp800.53.rev2_pdf.zip
    时间: 大小: 1.05 M 下载: 2
  • sp800.53.rev2.annex1.pdf
    时间: 大小: 0.37 M 下载: 5
  • sp800.53.rev2.annex2.pdf
    时间: 大小: 0.49 M 下载: 9
  • sp800.53.rev2.annex3.pdf
    时间: 大小: 0.53 M 下载: 6