IEEE Guide for Categorizing Security Needs for Protection-, Automation-, and Control-Related Data Files
NORMA vydaná dňa 20.5.2025
Označenie normy: IEEE C37.249-2024
Dátum vydania normy: 20.5.2025
Počet strán: 66
Približná hmotnosť: 198 g (0.44 libier)
Krajina: Medzinárodná technická norma
Kategória: Technické normy IEEE
New IEEE Standard - Active.
Security categorization is the first step in a security risk management framework because of its impact on all other steps, from the selection of security controls to apply based on the assessment to the level of effort required to assess the effectiveness of the security controls put in place. Information (data) at rest and information systems are covered by security categorization. The approach used in this guide applies only to data at rest. Types of information and information systems are considered by the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-60 Vol. 1, Rev. 1 [B16]. Security categories--based on the magnitude of harm expected to result from compromises rather than on the results of an assessment that includes an attempt to determine the probability of compromise--are established by Federal Information Processing Standards (FIPS) 199 [B1]. These standards are aligned by the approach in this guide.
ISBN: 979-8-8557-1671-9, 979-8-8557-1672-6
Number of Pages: 66
Product Code: STD27615, STDPD27615
Keywords: automation files, control files, data at rest, IEEE C37.249, protection files, security categorization
Category: Protective Relaying|Computer Security and Privacy