Information Security News mailing list archives
Consensus Audit Guidelines no substitute for FISMA guidance
From: InfoSec News <alerts () infosecnews org>
Date: Wed, 25 Feb 2009 01:28:37 -0600 (CST)
http://gcn.com/articles/2009/02/24/cag-no-substitute-for-fisma.aspx By William Jackson GCN.com Feb 24, 2009 A collaborative effort by government and private sector organizations has produced a prioritized set of security controls for information technology systems that are amenable to automated monitoring. The controls were released for public review yesterday as the Consensus Audit Guidelines (CAG). These guidelines neither duplicate nor replace guidance for complying with federal IT security requirements. The National Institute of Standards and Technology (NIST), charged with developing standards and guidelines for complying with the Federal Information Security Management Act (FISMA), has produced a comprehensive set of recommended security controls that covers much of the same territory as CAG. “We included many of the same control elements addressed in the CAG initiative,” said Ron Ross, senior computer scientist at NIST. [...]
_______________________________________________ Best Selling Security Books and More! http://www.shopinfosecnews.org/
Current thread:
- Consensus Audit Guidelines no substitute for FISMA guidance InfoSec News (Feb 24)