OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

soa-rm-ra message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [soa-rm-ra] NIST Risk Management Framework

Whoops, I only looked at the first document on the web page.  There are actually about 30 documents and some of them do describe specific security interfaces.   I don’t think too many people will be familiar with all of these documents unless they have a multi-million dollar project they intend to apply the documents to.




From: Ken Laskey [mailto:klaskey@mitre.org]
Sent: Thursday, November 19, 2009 4:33 PM
To: soa-rm-ra@lists.oasis-open.org RA
Subject: [soa-rm-ra] NIST Risk Management Framework


I was plugging the RAF during class this week and I got asked to look at the document described below.  I have not looked at it in any detail but I thought I'd pass it along as something that seems very relevant.




Begin forwarded message:

, please take a look at the publically available draft of NIST SP 800-37, Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach which can be found at   http://csrc.nist.gov/publications/PubsDrafts.html. We have made an effort to address net-centric architectures more explicitly than in the past and would very much welcome your feedback.



Ken Laskey

MITRE Corporation, M/S H305      phone: 703-983-7934

7515 Colshire Drive                         fax:       703-983-1379

McLean VA 22102-7508





[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]