The IT Law Wiki

Revision as of 16:51, 5 December 2011


NIST, Generally Accepted Principles and Practices for Securing Information Technology Systems (NIST Special Publication 800-14) (full-text).


This publication provides a foundation upon which organizations can establish and review information technology security programs. The eight Generally Accepted System Security Principles are designed to provide the public or private sector audience with an organization-level perspective when creating new systems, practices, or policies.