Information Technology Reference
In-Depth Information
Control
Reference
Description of
Applicability
a
Category/Document
PL
SP 800-40, Ver 2:
Creating a Patch and
Vulnerability Management Program
PL
SP 800-40:
Procedures for Handling
Security Patches
PL
SP 800-37:
Guidelines for the Security
Certification and Accreditation of
Federal Information Technology Systems
PL
SP 800-34:
Contingency Planning Guide
for Information Technology Systems
PL
SP 800-33:
Underlying Technical Models
for Information Technology Security
PL
SP 800-32:
Introduction to Public Key
Technology and the Federal PKI
Infrastructure
PL
SP 800-31:
Intrusion Detection Systems
(IDSs)
PL
SP 800-30:
Risk Management Guide for
Information Technology Systems
PL
SP 800-27:
Engineering Principles for
Information Technology Security (A
Baseline for Achieving Security)
PL
SP 800-26:
Security Self-Assessment
Guide for Information Technology
Systems
PL
SP 800-25:
Federal Agency Use of Public
Key Technology for Digital Signatures
and Authentication
PL
SP 800-21, Rev 1:
Guideline for
Implementing Cryptography in the
Federal Government
PL
SP 800-19:
Mobile Agent Security
PL
SP 800-18:
Guide for Developing Security
Plans for Information Technology
Systems