AOH :: IS1799.HTM

CAG plays complementary role on security

CAG plays complementary role on security
CAG plays complementary role on security 

By William Jackson
Mar 09, 2009

The information technology security controls recently released as the 
Consensus Audit Guidelines are not intended to replace guidance for 
complying with federal IT security requirements. But they could 
complement those efforts by supplying a prioritized baseline of 

The National Institute of Standards and Technology, charged with 
developing standards and guidelines for complying with the Federal 
Information Security Management Act (FISMA), has produced a 
comprehensive set of recommended security controls that covers much of 
the same territory as CAG, which was developed by a group of government 
and private-sector organizations.

"We included many of the same control elements addressed in the CAG 
initiative," said Ron Ross, a senior computer scientist at NIST.

NIST recently released for review its first major update of the 
guidelines, Special Publication 800-53, titled "Recommended Security 
Controls for Federal Information Systems and Organizations." When the 
public review for SP 800-53 ends March 27, the two documents could be 
more closely aligned.


Best Selling Security Books and More! 

Site design & layout copyright © 1986-2015 CodeGods