Wednesday 9 October 2019

NIST standards

800-30 - Guide for Conducing Risk Assessments

800-37: Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy

800-39 - Managing Information Security Risk: Organization, Mission, and Information System View

800-53 - Security and Privacy Controls for Information Systems and Organizations

800-154 - Guide to Data-Centric System Threat Modeling

800-115 - Penetration Testing

800-60: Volume 1: Guide for Mapping Types of Information and Information Systems to Security Categories

NIST SP 800-53A,Guide for Assessing the Security
Controls in Federal Information Systems