
FSIS

National Institute of Standards and Technology (NIST) Privacy Standards




Standards

All linked documents are in PDF.
Abbreviations: FIPS = Federal Information Processing Standards; SP = Special Publication

  • FIPS 199, Standards for Security Categorization of Federal Information and Information Systems (February 2004)
  • FIPS 200, Minimum Security Requirements for Federal Information and Information Systems (March 2006)
  • NIST SP 800-12, An Introduction to Computer Security: The NIST Handbook (October 1995)
  • NIST SP 800-14, Generally Accepted Principles and Practices for Securing Information Technology Systems (September 1998)
  • NIST SP 800-16, Information Technology Security Training Requirements (April 1998)
  • NIST SP 800-37, Rev. 1, Guide for Applying the Risk Management Framework to Federal Information Systems (February 2010)
  • NIST SP 800-39, Managing Information Security Risk: Organization, Mission, and Information System View (March 2011)
  • NIST SP 800-50, Building Information Technology Security Awareness and Training Program (October 2003)
  • NIST SP 800-53, Rev. 4, Security and Privacy Controls for Federal Information Systems and Organizations, App. J (April 2013)
  • NIST SP 800-53A, Rev. 4, Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans (December 2014)
  • NIST SP 800-59, Guideline for Identifying an Information System as a National Security System (August 2003)
  • NIST SP 800-60, Rev. 1, Guide for Mapping Types of Information and Information Systems to Security Categories (August 2008)
  • NIST SP 800-61, Rev. 2, Computer Security Incident Handling Guide (August 2012). This publication assists organizations in establishing computer security incident response capabilities and handling incidents efficiently and effectively. This publication provides guidelines for incident handling, particularly for analyzing incident-related data and determining the appropriate response to each incident.
  • NIST SP 800-63A, Digital Identity Guidelines: Enrollment and Identity Proofing (June 2017)
  • NIST SP 800-63-3, Digital Identity (June 2017)
  • NIST SP 800-64, Rev. 2, Security Considerations in the System Development Lifecycle (SDLC) (October 2008). This guide focuses on the information security components of the SDLC. First, descriptions of the key security roles and responsibilities that are needed in most information system developments are provided. Second, sufficient information about the SDLC is provided to allow a person who is unfamiliar with the SDLC process to understand the relationship between information security and the SDLC.
  • NIST SP 800-83, Guide to Malware Incident Prevention and Handling (November 2005). This publication provides recommendations for improving an organization’s malware incident prevention measures. It also gives extensive recommendations for enhancing an organization’s existing incident response capability so that it is better prepared to handle malware incidents, particularly widespread ones. The recommendations address several major forms of malware, ​
  • NIST SP 800-100, Information Security Handbook: A Guide for Managers (October 2006). This publication informs the information security management team about various aspects of information security that they will be expected to implement and oversee in their respective organizations. In addition, it provides guidance for facilitating a more consistent approach to information security programs across the federal government.
  • NIST SP 800-122, Guide to Protecting the Confidentiality of PII (April 2010). This document provides guidelines for a risk-based approach to protecting the confidentiality of personally identifiable information (PII).
  • NIST SP 800-144, Guidelines on Security and Privacy in Public Cloud Computing (December 2011)
  • NIST SP 800-177, Trustworthy Email (September 2016)

 

The information on this Website is provided for general informational purposes only and should not be considered as individual guidance or legal advice.

Last Modified Sep 08, 2017