Guide: Audit and Accountability Topic Cluster
Audit and Accountability
A collection of documents that relates to review and examination of records and activities in order to assess the adequacy of system controls, to ensure compliance with established policies and operational procedures, and to provide the supporting requirement for actions of an entity to be traced uniquely to that entity.
| NIST FIPS 200 | Security Controls for Federal Information Systems |
|---|---|
| NIST FIPS 199 | Standards for Security Categorization of Federal Information and Information Systems |
| NIST FIPS 191 | Guideline for The Analysis of Local Area Network Security |
| NIST FIPS 140-2 | Security Requirements for Cryptographic Modules |
| NIST SP 800-92 | Guide to Computer Security Log Management |
| NIST SP 800-55 | Security Metrics Guide for Information Technology Systems |
| NIST SP 800-53A | Guide for Assessing the Security Controls in Federal Information Systems |
| NIST SP 800-53 | Security Controls for Federal Information Systems |
| NIST SP 800-50 | Building an Information Technology Security Awareness and Training Program |
| NIST SP 800-42 | Guideline on Network Security Testing |
| NIST SP 800-41 | Guidelines on Firewalls and Firewall Policy |
| NIST SP 800-37 | Guidelines for the Security Certification and Accreditation of Federal Information Technology Systems |
| NIST SP 800-30 | Risk Management Guide for Information Technology Systems |
| NIST SP 800-26 | Security Self-Assessment Guide for Information Technology Systems |
| NIST SP 800-18 | Guide for Developing Security Plans for Information Technology Systems |
| NIST SP 800-16 | Information Technology Security Training Requirements: A Role- and Performance-Based Model |
| NIST IR 7316 | Assessment of Access Control Systems |
| NIST IR 7284 | Personal Identity Verification Card Management Report |
| NIST IR 6981 | Policy Expression and Enforcement for Handheld Devices |
| NIST SB 2006-03 | Minimum Security Requirements For Federal Information And Information Systems: Federal Information Processing Standard (FIPS) 200 Approved By The Secretary Of Commerce |
| NIST SB 2006-01 | Testing And Validation Of Personal Identity Verification (PIV) Components And Subsystems For Conformance To Federal Information Processing Standard 201 |
| NIST SB 2005-08 | Implementation Of FIPS 201, Personal Identity Verification (PIV) Of Federal Employees And Contractors |
| NIST SB 2005-05 | Recommended Security Controls For Federal Information Systems: Guidance For Selecting Cost-Effective Controls Using A Risk-Based Process |
| NIST SB 2004-11 | Understanding the New NIST Standards and Guidelines Required by FISMA: How Three Mandated Documents are Changing the Dynamic of Information Security for the Federal Government |
| NIST SB 2004-03 | Federal Information Processing Standard (FIPS) 199, Standards For Security Categorization Of Federal Information And Information Systems |
| NIST SB 2003-08 | IT Security Metrics |
| NIST SB 2003-06 | ASSET: Security Assessment Tool For Federal Agencies |
| NIST SB 2002-01 | Guidelines on Firewalls and Firewall Policy |
| NIST SB 2001-09 | Security Self-Assessment Guide for Information Technology Systems |
| NIST SB 2000-02 | Guideline for Implementing Cryptography in the Federal Government |
Original source for tables: Guide to NIST Security Documents.
