Archive for ODPs

You are browsing the archives of ODPs.

Overlays of Tailored Security Controls

Tailoring security controls involves adapting the generic baseline sets of security controls to better fit a specific operating environment. Here is a list of tailoring activities: Defining “Common Controls” that are centrally managed and can be used by several information systems. Applying “Scoping Considerations” Using “Compensating Controls” Defining “Organizational Parameters” Adding “Supplementary Controls” Using “Overlays” […]

800-53 rev3 FPD

The new revision of NIST SP 800-53 (rev3) is now in FINAL Public Draft (FPD) and should be published in final form soon. When NIST moves a draft document from IPD status to FPD status, the changes are often few as the document is nearly ready for final publishing. In this case, however, the changes […]