Active PAR

IEEE PC37.249

IEEE Draft Guide for Categorizing Security Needs for Protection and Automation Related Data Files

Security categorization is the first step in a security risk management framework because of its impact on all other steps, from selection of security controls to apply based upon the assessment to the level of effort required to assess the effectiveness of the security controls put in place. Security categorization covers information (data) at rest and information systems. The approach used in this guide applies only to data at rest. The approach aligns National Institute of Standards and Technology (NIST) Special Publication (SP) 800-60 Volume 1, revision 1 [B2] and with Federal Information Processing Standards (FIPS) FIPS 199 [B1], the latter of which establishes security categories based on the magnitude of harm expected to result from compromises rather than on the results of an assessment that includes an attempt to determine the probability of compromise.

Sponsor Committee
PE/PSRCC - Power System Relaying and Control
Learn More
Status
Active PAR
PAR Approval
2014-06-24
History
Adopted:
data at rest, protection files, automation files, control files, security categorization

Working Group Details

Society
http://www.ieee.org/pes
Learn More
Sponsor Committee
http://www.pes-psrc.org/
Learn More
IEEE Program Manager
mailTO:[email protected]
Contact
No Active Projects
No Active Standards
No Superseded Standards
No Inactive-Withdrawn Standards
No Inactive-Reserved Standards
Newswire

Sign up for our monthly newsletter to learn about new developments, including resources, insights and more.