NIST Paper on Recommended Security Controls for Federal Information Systems.

NIST has completed the first draft of NIST Special Publication 800-53, Recommended Security Controls for Federal Information Systems. This draft guideline provides a recommended set of controls for low and moderate impact systems (based upon the security categorization definitions in FIPS 199 that I talked about previously). This guideline, when completed, will stand as NIST interim guidance until 2005, which is the statutory deadline to publish minimum standards for all non-national security systems.

Happy reading.