The IT Law Wiki
The IT Law Wiki

Citation[]

NIST, Generally Accepted Principles and Practices for Securing Information Technology Systems (NIST Special Publication 800-14) (1996) (full-text).

Overview[]

This publication provides a foundation upon which organizations can establish and review information technology security programs. The eight Generally Accepted System Security Principles (GSSP) are designed to provide the public or private sector audience with an organization-level perspective when creating new systems, practices, or policies.