FISMA and NIST Documents

Here are some of the key federal documents in the area of FISMA compliance and the NIST Risk Management Framework (C&A process):

Federal Information Security Management Act (FISMA)

OMB Circular A-130, Appendix III

NIST SP 800-18 (Security Plans)

NIST SP 800-37 (Guide to Certification and Accreditation)

NIST SP 800-39 (Organizational Risk Management)

FIPS 200 & NIST SP 800-53 (Security Controls)

NIST SP 800-53A (Assessment of Security Controls)

NIST SP 800-30 (Risk Assessment)

NIST SP 800-34 (Contingency Planning)

FIPS 199 & NIST SP 800-60 (System Categorization)