Below is the uncorrected machine-read text of this chapter, intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text of each book. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.
107 A p p e n d i x B ⢠Categorize systems and data: 44 FIPS 199: Standards for Security Categorization of Federal Information and Information Systems; 44 NIST SP 800-60: Volume 1: Guide for Mapping Types of Information and Information Systems to Security Categories (a second volume provides more detail). ⢠Select security controls: 44 FIPS 200: Minimum Security Requirements for Federal Information and Information Systems; 44 NIST SP 800-53: Recommended Security Controls for Federal Information Systems and Organizations (appen- dices are available with more detail). ⢠Implement security controls: 44 NIST SP 800-70: Security Configuration Checklists Program for ITS ProductsâGuidance for Checklists Users and Developers. ⢠Assess security controls: 44 NIST SP 800-53A: Guide for Assessing the Security Controls in Federal Information Systems. ⢠Authorize and monitor security state: 44 NIST 800-37: Guide for Applying the Risk Management Framework to Federal Information Systems. Federal System Security Guidelines