|Following The Directives |
Many security directives have been written. Now it is up to management to lead compliance efforts, especially when it involves risk.
One Government, One Set Of Standards
NIST SP 800-37 contains the proposed new federal security authorization process (commonly called C&A) that promotes the concept of “near real-time risk management” based on continuous monitoring of federal Information Systems.
Ten Ways To Make Compliance Easier
The directives tell government what people need to do, not how to do it. So, what should buyers look for when buying products to comply with directives?
A knowledgeable government and contractor workforce is the cornerstone of compliance.
Security Directives and Compliance.pdf [PDF]