NIST updates performance measurement guide.August 8, 2008 -
NIST has published Special Publication 800-55 Revision 1, Performance Measurement Guide for Information Security. The update provides additional program-level guidelines for measuring information security performance in support of organizational strategic goals. It also aligns performance measurement with the security controls in NIST SP 800-53, Recommended Security Controls for Federal Information Systems.
Updated Information Security Performance Measurement Guide Published |
(Archive News Story - Products mentioned in this Archive News Story may or may not be available from the manufacturer.)
National Institute of Standards & Technology
100 Bureau Dr., Stop 1070
Gaithersburg, MD, 20899-1070
USA
Press release date: August 6, 2008
The quintessential guide to evaluating the effectiveness of security controls applied to information systems and information security programs has been updated to reflect recent security advances. The National Institute of Standards and Technology published Special Publication 800-55 Revision 1, Performance Measurement Guide for Information Security, in late July.
For the past five years, SP 800-55 has provided information technology and security professionals with a process for developing, selecting and implementing performance measures to facilitate decision making, improve performance and increase accountability. The guide describes how an agency can use its information system and program security controls to succeed in achieving its mission.
The update expands upon NIST's previous work in this area. It provides additional program-level guidelines for measuring information security performance in support of organizational strategic goals. It also aligns performance measurement with the security controls in NIST SP 800-53, Recommended Security Controls for Federal Information Systems.
A PDF of the new SP 800-55 Revision 1 is available at:
http://csrc.nist.gov/publications/PubsSPs.html#800-55_Rev1.
|
|
|
|
|
|
| 
