Repassando: DRAFT SP 800-39, Managing Risk from Information Systems: An Organizational Perspective
DRAFT SP 800-39, Managing Risk from Information Systems: An Organizational Perspective
NIST announces the release of the initial public draft of Special Publication 800-39, Managing Risk from Information Systems: An Organizational Perspective. This publication provides guidelines for managing risk to organizational operations, organizational assets, individuals, other organizations, and the Nation resulting from the operation and use of information systems. Special Publication 800-39 is the flagship document in the series of FISMA-related publications developed by NIST and provides a disciplined, structured, flexible, extensible, and repeatable approach for managing that portion of risk resulting from the incorporation of information systems into the mission and business processes of the organization. Comments will be accepted through December 14, 2007. Email comments to: sec-cert@nist.gov
URL to DRAFTS page:
http://csrc.nist.gov/publications/PubsDrafts.html
URL to PDF file for Draft SP 8000-39:
http://csrc.nist.gov/publications/drafts/800-39/SP-800-39-ipd.pdf