NIST 800-26

NIST 800-26, also known as NIST Special Publication 800-26, is a now-out-of-date publication that provided guidelines on conducting security self-assessments on IT systems. It was published by the National Institute of Standards and Technology, part of the first wave of guidance created by NIST on information security. This publication represented the inception of a catalog of controls that also included a self-assessment questionnaire. These guidelines categorized five levels of organizational maturity around IT security and offered guidance on applying the framework through 17 control areas. These control areas included identification, authentication and contingency planning. In addition, the guide provided objectives and measurement criteria for each control area. NIST 800-26 has been superseded by NIST 800-53.

Want to learn more about how Rsam can help you with your NIST requirements? Get a Governance, Risk and Compliance (GRC) demonstration of Rsam.