On Monday the OMB’s Office of Information and Regulatory
Affairs (OIRA) announced
the approval of the National Institute of Standards and Technology’s (NIST)
Special Publication 800-171, Protecting Controlled Unclassified Information in
Nonfederal Systems and Organizations. This update was sent
to OMB for approval back in February. Guidance documents are not typically
listed in the Unified Agenda and there is nothing on the SP800-171
web site that indicates what types of changes are being made.
This document could be published this week, but the Trump Administration
is notoriously slow to publish regulatory documents so there is no telling when
this will be published.
This document establishes cybersecurity requirements for
electronic systems that store, receive or send Controlled Unclassified
Information (CUI). It mainly covers contractors, but facilities covered under
the Chemical Facility Anti-Terrorism Standards (CFATS) program would be
required to comply with these standards on systems containing Chemical-Terrorism
Vulnerability Information (CVI).
Posts
No comments:
Post a Comment