U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Updates 2019

Guide for Security-Focused Configuration Management of Information Systems: NIST Updates Special Publication 800-128
October 15, 2019

NIST announces an update of Special Publication (SP) 800-128, Guide for Security-Focused Configuration Management of Information Systemswhich provides guidelines for organizations responsible for managing and administering the security of federal systems and associated environments of operation. The document focuses on the implementation of system security aspects of configuration management, and as such, the term “security-focused configuration management” (SecCM) is used to emphasize the concentration on information security. NIST has released an errata update to reflect changes that have occurred in technology, terminology, and references since the document’s original publication in 2011. No significant or technical changes have been made to the recommended guidance for SecCM.

Parent Project

See: NIST Risk Management Framework
Created October 15, 2019, Updated June 22, 2020