NIST Issues Guidance to Help Organizations Decide Which Assets Need Protection

The National Institute of Standards and Technology has issued new guidance to help organizations manage risk by deciding which assets need to be protected the most.

NISTIR 8179, Criticality Analysis Process Model, sets out a structured method of prioritizing programs, systems, and components based on their importance to the goals of an organization and the impact that their inadequate operation or loss may present to those goals. It says that a criticality analysis can help organizations identify and better understand the systems, subsystems, components, and subcomponents that are most essential to their operations and the environment in which they operate. This can lead to better decision-making about information security and privacy risk management.

The model has been designed to follow the way organizations design and manage projects and systems. It can be used with a variety of risk management standards and guidelines including the International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) 27000 family of standards and the suite of National Institute of Standards and Technology (NIST) Special Publications (SPs).

It consists of five main processes, which include adopting a set of procedures for performing a criticality analysis, analyzing and identifying key activities, reviewing and analyzing the system, and having a collaborative group analyze baseline criticality results.

NIST says that using the model can “help increase robustness and granularity of the decisions made about levels of protection afforded to systems and components during system development and acquisition life cycles.”

The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.

Leave a Reply

Latest from Cybersecurity

SIGN UP NOW for FREE News & Analysis on topics of your choice across homeland security!

BEYOND POLITICS.  IT'S ABOUT THE MISSION. 

Go to Top
Malcare WordPress Security