Guide: Certification and Accreditation Topic Cluster
Certification and Accreditation
Certification and Accreditation (C&A) is a collection of documents that can be used to conduct the C&A of an information system in accordance with OMB A130-III.
| NIST FIPS 200 | Security Controls for Federal Information Systems |
|---|---|
| NIST FIPS 199 | Standards for Security Categorization of Federal Information and Information Systems |
| NIST FIPS 191 | Guideline for The Analysis of Local Area Network Security |
| NIST SP 800-88 | Media Sanitization Guide |
| NIST SP 800-84 | Guide to Test, Training, and Exercise Programs for IT Plans and Capabilities |
| NIST SP 800-60 | Guide for Mapping Types of Information and Information Systems to Security Categories |
| NIST SP 800-59 | Guideline for Identifying an Information System as a National Security System |
| NIST SP 800-55 | Security Metrics Guide for Information Technology Systems |
| NIST SP 800-53A | Guide for Assessing the Security Controls in Federal Information Systems |
| NIST SP 800-53 | Security Controls for Federal Information Systems |
| NIST SP 800-47 | Security Guide for Interconnecting Information Technology Systems |
| NIST SP 800-42 | Guideline on Network Security Testing |
| NIST SP 800-37 | Guidelines for the Security Certification and Accreditation of Federal Information Technology Systems |
| NIST SP 800-34 | Contingency Planning Guide for Information Technology Systems |
| NIST SP 800-30 | Risk Management Guide for Information Technology Systems |
| NIST SP 800-26 | Security Self-Assessment Guide for Information Technology Systems |
| NIST SP 800-23 | Guideline to Federal Organizations on Security Assurance and Acquisition/Use of Tested/Evaluated Products |
| NIST SP 800-18 | Guide for Developing Security Plans for Information Technology Systems |
| NIST SB 2006-03 | Minimum Security Requirements For Federal Information and Information Systems: Federal Information Processing Standard (FIPS) 200 Approved By The Secretary Of Commerce |
| NIST SB 2005-05 | Recommended Security Controls For Federal Information Systems: Guidance For Selecting Cost-Effective Controls Using A Risk-Based Process |
| NIST SB 2004-11 | Understanding the New NIST Standards and Guidelines Required by FISMA: How Three Mandated Documents are Changing the Dynamic of Information Security for the Federal Government |
| NIST SB 2004-07 | Guide For Mapping Types Of Information and Information Systems To Security Categories |
| NIST SB 2004-05 | Guide For The Security Certification and Accreditation Of Federal Information Systems |
| NIST SB 2004-03 | Federal Information Processing Standard (FIPS) 199, Standards For Security Categorization Of Federal Information and Information Systems |
| NIST SB 2003-08 | IT Security Metrics |
| NIST SB 2003-06 | ASSET: Security Assessment Tool For Federal Agencies |
| NIST SB 2003-02 | Secure Interconnections for Information Technology Systems |
| NIST SB 2001-09 | Security Self-Assessment Guide for Information Technology Systems |
Original source for tables: Guide to NIST Security Documents.
