Home / News / Ron Ross: NIST Updates Security Control Evaluation Guidance to Match Continuous Monitoring Strategies

Ron Ross: NIST Updates Security Control Evaluation Guidance to Match Continuous Monitoring Strategies

Ron Ross
Ron Ross

The National Institute of Standards and Technology has published a new set of guidelines for evaluating security and privacy controls in federal information systems, GovInfoSecurity reported Monday.

Eric Chabrow writes Ron Ross, an NIST fellow, said the guide is designed to complement continuous monitoring and information security authorization programs across the government.

“We broke down the procedures so you can target a specific part of the control,” Ross added, according to the report.

Congress last week approved Federal Information Security Management Act changes aimed at helping agencies transition from a checkbox security method to the CM technique, according to Chabrow’s article.

Ross told the publication NIST is also working on a framework to allow the organization to update and publish control standards earlier than usual.

Check Also

GAO: DoD Must Routinely Collect Data on Space Acquisition Workforce

The Government Accountability Office issued a report Thursday stating that the Department of Defense does not conduct routine monitoring of its space acquisition workforce.

Leave a Reply

Your email address will not be published. Required fields are marked *