NIST invites public and private organizations to submit their information security practices as nominated candidates for inclusion in its Computer Security Resource Center. With the recognition that protection of the Nation's critical infrastructure is dependent upon effective information security solutions and to minimize vulnerabilities associated with a variety of threats, the broader sharing of such practices will enhance the overall security of the nation. Today's federal networks and systems are highly interconnected and interdependent with non-federal systems. Access to information security practices in the public and private sector can be applied to enhance the overall performance of Federal information security programs.
Nominated candidate policies and procedures may be submitted to NIST in any area of information security including, but not limited to: accreditation, audit trails, authorization of processing, budget planning and justification, certification, contingency planning, data integrity, disaster planning, documentation, hardware and system maintenance, identification and authentication, incident handling and response, life cycle, network security, personnel security, physical and environmental protection, production input/output controls, security policy, program management, review of security controls, risk management, security awareness training, and education (to include specific course and awareness materials), and security planning.
Document | Posted |
Carnegie Mellon University CERT® Coordination Center | 09/09/03 |
EDUCAUSE | 09/10/04 |