Tag Archives: Security

The National Institute of Standards and Technology (NIST) has published an update to its SP 800-53A standard, “Assessing Security and Privacy Controls in Information Systems and Organizations.” The publication provides a methodology and set of procedures for conducting assessments of security and privacy controls employed within systems and organizations within an effective risk management framework. The assessment procedures, executed at various phases of the system development life cycle, are consistent with the security and privacy controls in NIST Special Publication 800-53, Revision 5. The SP 800-53A assessment procedures are flexible, provide a framework and starting point for control assessments, and can be tailored to the needs of organizations and assessors. SP 800-53A facilitates security and privacy control assessments conducted within an effective risk management framework. The revision includes new assessment procedures that address newly added and updated privacy and supply chain risk management controls in SP 800-53 Revision 5. SP…

Read more

Niel Harper, CISO for the United Nations Office for Project Services (UNOPS) and a board member with the IT governance association ISACA sat down with CSO Online to discuss some of the obstacles that can impede the success of security programs. He talked about executive apathy, risk management, and the over-dependence on compliance audits. Read the article on csoonline.com

2/2