The National Institute for Standards and Technology (NIST) develops standards and guidelines for many areas, including information technology. This month the agency released an update to their set of guidelines for organizations to use in creating security assessment plans (NIST Special Publication 800-53A, Revision 1). These guidelines are said to simplify many of the procedures and are part of a larger initiative aimed at focusing on enterprise-wide near-real-time risk management. You can read more about this here:
About The Author
Debra Littlejohn Shinder is a technology and security analyst and author specializing in identity, security and cybercrime, utilizing her past experience as a police officer and police academy/criminal justice instructor. She has written numerous books and articles for web and print publications and has been awarded the Microsoft MVP designation for fourteen years in a row.