PaulDotCom mailing list archives
do you follow nist docs?
From: iamnowonmai at gmail.com (iamnowonmai)
Date: Fri, 30 Oct 2009 21:19:44 -0400
I pretty much follow the NIST Risk Management Framework, which references all NIST docs. Off the top of my head I can't think of any exceptions. There are minor tweaks, which you can do if they are documented. Call me crazy! Full disclosure: I might switch to CoBIT some day! ;) On Fri, Oct 30, 2009 at 11:19 AM, Michael Dickey <lonervamp at gmail.com>wrote:
I don't want to usurp Tim's post, but with the mention of NIST, it brings up a question I've always had. Does anyone truly adhere to and build systems based off NIST docs? I'm not talking "inspired by" builds that take a handful of the settings and use them, but actually building to the specs such that you can say your build guide is NIST? This is a bit of a sanity check for me, as I'm skeptical. Don't get me wrong, I'm not dissing NIST! They make for great reading! (Usually.) _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20091030/874da76e/attachment.htm
Current thread:
- do you follow nist docs? Michael Dickey (Oct 30)
- do you follow nist docs? Jody & Jennifer McCluggage (Oct 30)
- do you follow nist docs? Ron Gula (Oct 30)
- do you follow nist docs? iamnowonmai (Oct 30)
- do you follow nist docs? Michael Dickey (Oct 31)
- do you follow nist docs? Tim Mugherini (Oct 31)
- do you follow nist docs? Michael Dickey (Oct 31)