Lunarline, Inc. Supports the Writing of NIST SP 800-53A

Washington, D.C. - January 23, 2008 - Lunarline, Inc. staff was instrumental in developing and reviewing the test cases/procedures for The National Institute of Standards and Technology (NIST) draft Guide for Assessing the Security Controls in Federal Information Systems SP 800-53A. NIST SP 800-53A provides assessment procedures for all security goals in amended SP 800-53 and guidance on building effective security assessment plans.

The final draft publication includes:

Updated assessment procedures based on NIST Special Publication 800-53, Revision 2 (including industrial control system information)
A reorganization and streamlining of the material in chapters one through three to provide greater clarity in describing the components of an assessment procedure and how the components are used within the context of a security assessment plan
Minor modifications to the assessment method definitions in Appendix D
A streamlined assessment procedure format in Appendix F for expressing assessment objectives, methods, and objects
A specific assignment of designators to assessment methods to indicate applicability to low-impact, moderate-impact, and high-impact information systems, respectively
Relocating the Risk Management Framework to NIST Special Publication 800-39 (Initial Public Draft), Managing Risk from Information Systems: An Organizational Perspective.

Comments will be accepted until January 31. E-mailed comments should be sent to Final publication of SP 800-53A is due in March.

About Lunarline, Inc:

Lunarline, Inc. is a Service Disabled Veteran Owned Small Business (SDVOSB) that specializes in Information Security (IS) and Information Assurance (IA). Lunarline, Inc. designs, develops, integrates, maintains, audits, and documents the security for systems, telecommunications, and software throughout the Federal Government. Lunarline Inc. has a successful track record of providing risk-based/Information Security services. From risk assessments to providing support for an entire Federal Agency's Information Security Program, Lunarline Inc. ensures that customers' systems and programs exceed Federal and DoD security requirements. Lunarline is committed to 'Solutions Built on Security.'


Ashley Roan