December 14, 2024
Daily News
Final update to NIST CUI publications features ‘organization-defined parameters’ for agencies to adjust security requirements
NIST’s final update to two publications focused on controlled unclassified information puts in place “organization-defined parameters” and the ability for agencies to make determinations on what meets their needs.
“Organization-defined parameters are used in the SP 800-53 controls to provide flexibility to federal agencies in tailoring controls to support specific organizational missions or business functions and to manage risk,” NIST says in a FAQ released Tuesday in conjunction with revision three of NIST 800-171 and 800-171A.
The FAQ...