Guide for assessing the security controls in federal information systems

NIST recently released a draft Special Publication 800-53A, Guide for Assessing the Security Controls in Federal Information Systems.

This final public draft provides comprehensive assessment procedures for all security controls in NIST Special Publication 800-53 (as amended) and important guidance for federal agencies in building effective security assessment plans.

Comments will be accepted until January 31, 2008. Final publication of NIST Special Publication 800-53A is expected in March 2008.