Recommended Security Controls to Protect Information Systems
Article type: Review Article
Abstract: The National Institute of Standards and Technology (NIST) of the US
Department of Commerce, is responsible for developing standards and guidelines,
including minimum requirements, for providing adequate information security for
all agency operations, but also may be used by non-governmental organizations
on a voluntary basis and is not subject to copyright. In February 2005, NIST
released a Special Publication 800-53 entitled Recommended Security Controls to
Protect Information Systems
(http://csrc.nist.gov/publications/nistpubs/800-53/SP800-53.pdf). The following
are excerpts from the report.