Standard Name
NIST Guide for Mapping Types of Information and Information Systems to Security Categories
Industry Standard
Publication Number
SP 800-60 vol 1
Standard Date
Standard Link
Securezoo Overview
Special Publication 800-60 assists Federal agencies in identifying information types and information systems and assigning impact levels for confidentiality, integrity, and availability. Impact levels are based on the security categorization definitions in FIPS 199. SP 800-60 contains two volumes. Volume I provides guidelines for identifying impact levels by information type and suggests impact levels for administrative and support information common to multiple agencies. Volume II includes rationale for information type and impact level recommendations and examples of recommendations for agency-specific, mission-related information.
Asset Management
Vulnerability Management