EDUCAUSE | Government Documents, Laws, Testimonies or Reports and Data Classification Policies http://connect.educause.edu/browse/content/lib_item/4979,5334 EDUCAUSE CONNECT http://connect.educause.edu/browse/content/lib_item/4979,5334 http://connect.educause.edu/educause/images/e_rss.png events, concepts, and conversation from EDUCAUSE The EDUCAUSE Podcast Crew EDUCAUSE is a nonprofit association whose mission is to advance higher education by promoting the intelligent use of information technology. Our podcasts provide information about a range of topics including Leadership, Policy and Law, Teaching and Learning, Emerging Technologies, Open Source, Research Computing, Cyberinfrastructure, and Digitial Libraries. http://connect.educause.edu/browse/content/node/691/list/feed Recent library resources tagged with Government Documents, Laws, Testimonies or Reports and Data Classification Policies. en Standards for Security Categorization of Federal Information and Information Systems (FIPS-199) http://connect.educause.edu/display/46333 <p>The E-Government Act of 2002 (Public Law 107-347), recognized the importance of information security to the economic and national security interests of the United States. Title III of the E-Government Act, entitled the Federal Information Security Management Act of 2002 (FISMA), tasked NIST with responsibilities for standards and guidelines, including the development of:<br />- Standards to be used by all federal agencies to categorize all information and information systems collected or maintained by or on behalf of each agency based on the objectives of providing appropriate levels of information security according to a range of risk levels;<br />- Guidelines recommending the types of information and information systems to be included in each category; and<br />- Minimum information security requirements (i.e., management, operational, and technical controls), for information and information systems in each such category.<br />FIPS Publication 199 addresses the first task cited -- to develop standards for categorizing information and information systems. Security categorization standards for information and information systems provide a common framework and understanding for expressing security that, for the federal government, promotes: (i) effective management and oversight of information security programs, including the coordination of information security efforts throughout the civilian, national security, emergency preparedness, homeland security, and law enforcement communities; and (ii) consistent reporting to the Office of Management and Budget (OMB) and Congress on the adequacy and effectiveness of information security policies, procedures, and practices. Subsequent NIST standards and guidelines will address the second and third tasks cited.</p> http://connect.educause.edu/display/46333#comments Cybersecurity Policy Data Classification Policies Data Security National Institute of Standards and Technology Security Policies security standards Contributed by Organizations or Campuses Government Documents, Laws, Testimonies or Reports Mon, 03 Mar 2008 13:55:22 -0600 ckeller 46333 at http://connect.educause.edu