Loading [a11y]/accessibility-menu.js
PC37.249/D8.25, Sept 2024 - IEEE Approved Draft Guide for Categorizing Security Needs for Protection, Automation, and Control Related Data Files | IEEE Standard | IEEE Xplore

PC37.249/D8.25, Sept 2024 - IEEE Approved Draft Guide for Categorizing Security Needs for Protection, Automation, and Control Related Data Files

Most Recent
Status: active - Draft
Versions

Abstract:

Security categorization is the first step in a security risk management framework because of its impact on all other steps, from selection of security controls to apply b...Show More
Scope:This guide identifies and categorizes protection, automation, and control related data files based on content, use, and risk of disclosure or compromise. Protection and a...Show More
Purpose:This guide adds granularity to security practices to precisely apply security without impeding the use or access to protection, automation, and control related data files...Show More

Abstract:

Security categorization is the first step in a security risk management framework because of its impact on all other steps, from selection of security controls to apply based upon the assessment to the level of effort required to assess the effectiveness of the security controls put in place. Security categorization covers information (data) at rest and information systems. The approach used in this guide applies only to data at rest. The approach aligns National Institute of Standards and Technology (NIST) Special Publication (SP) 800-60 Volume 1, revision 1 [B2] and with Federal Information Processing Standards (FIPS) FIPS 199 [B1], the latter of which establishes security categories based on the magnitude of harm expected to result from compromises rather than on the results of an assessment that includes an attempt to determine the probability of compromise.
Scope:
This guide identifies and categorizes protection, automation, and control related data files based on content, use, and risk of disclosure or compromise. Protection and automation related data files include, but are not limited to, files used for configuration, management, and analysis of protective relaying systems.
Purpose:
This guide adds granularity to security practices to precisely apply security without impeding the use or access to protection, automation, and control related data files.
Date of Publication: 01 October 2024
Electronic ISBN:979-8-8557-1304-6
Persistent Link: https://ieeexplore.ieee.org/servlet/opac?punumber=10707152

Subscription Options - Standards