Announcing Draft Federal Information Processing Standard (FIPS) Publication 200, Minimum Security Requirements for Federal Information and Information Systems, 40983-40984 [05-13994]
Download as PDF
<![CDATA[
Federal Register / Vol. 70, No. 135 / Friday, July 15, 2005 / Notices
Agro Industries Ltd. (Saptarishi Agro),
Transchem Ltd. (Transchem), Techtran
Agro Industries Limited (Techtran) and
Weikfield Agro Products Ltd.
(Weikfield). On March 23, 2005, the
Department published a notice of
initiation of an administrative review of
the antidumping duty order on certain
preserved mushrooms from India with
respect to these companies. See
Initiation of Antidumping and
Countervailing Duty Administrative
Reviews and Requests for Revocation in
Part, 70 FR 14643.
On May 6, 2005, the petitioner timely
withdrew its request for review with
respect to KICM. On June 17, 2005, the
petitioner requested that the Department
extend the deadline established under
19 CFR 351.213(d)(1) to withdraw its
request for review of other companies
until July 5, 2005. On June 21, 2005, we
granted this request. On June 29, 2005,
the petitioner withdrew its request for
review with respect to Alpine Biotech,
Dinesh Agro, Flex Foods, Himalya,
Hindustan, Mandeep, Premier,
Saptarishi Agro, Transchem, Techtran
and Weikfield.
Partial Rescission of Review
Section 351.213(d)(1) of the
Department’s regulations stipulates that
the Secretary will rescind an
administrative review, in whole or in
part, if a party that requested a review
withdraws the request within 90 days of
the date of publication of notice of
initiation of the requested review,
unless the Secretary decides that it is
reasonable to extend this time limit. In
this case, the petitioner withdrew its
request for review of Alpine Biotech,
Dinesh Agro, Flex Foods, Himalya,
Hindustan, KICM, Mandeep, Premier,
Saptarishi Agro, Transchem, Techtran
and Weikfield within the extended time
limit. Therefore, because the petitioner
was the only party to request the
administrative review of these
companies, we are rescinding, in part,
this review of the antidumping duty
order on certain preserved mushrooms
from India as to Alpine Biotech, Dinesh
Agro, Flex Foods, Himalya, Hindustan,
KICM, Mandeep, Premier, Saptarishi
Agro2, Transchem, Techtran and
Weikfield. This review will continue
with respect to Agro Dutch.
2 On March 25, 2005, Agro Dutch stated that it
had purchased the mushroom operations of
Saptarishi Agro prior to the current review period.
Therefore, any sales made by Saptarishi Agro
during the current review period will be examined
in the context of the administrative review of Agro
Dutch.
VerDate jul<14>2003
17:47 Jul 14, 2005
Jkt 205001
Assessment
The Department will instruct U.S.
Customs and Border Protection (CBP) to
assess antidumping duties on all
appropriate entries. Antidumping duties
for these rescinded companies shall be
assessed at rates equal to the cash
deposit of estimated antidumping duties
required at the time of entry, or
withdrawal from warehouse, for
consumption, in accordance with 19
CFR 351.212(c)(1)(i). The Department
will issue appropriate assessment
instructions directly to CBP within 15
days of publication of this notice.
This notice is published in
accordance with section 751 of the
Tariff Act of 1930, as amended, and 19
CFR 351.213(d)(4).
Dated: July 11, 2005.
Susan H. Kuhbach,
Acting Assistant Secretary for Import
Administration.
[FR Doc. E5–3778 Filed 7–14–05; 8:45 am]
BILLING CODE: 3510–DS–S
40983
Director of the National Institute of
Standards and Technology to assure a
balanced membership that will reflect
the wide diversity of technical
disciplines and industrial sectors
represented in ATP projects.
The Committee will function solely as
an advisory body and in compliance
with the provisions of the Federal
Advisory Committee Act. Copies of the
Committee’s revised charter will be filed
with the appropriate committees of the
Congress and with the Library of
Congress.
Inquiries or comments may be
directed to Janet Brumby, Advanced
Technology Program, National Institute
of Standards and Technology, 100
Bureau Drive, Stop 4710, Gaithersburg,
Maryland 20899–4710; telephone: 301–
975–3189.
Dated: July 7, 2005.
Hratch G. Semerjian,
Acting Director, NIST.
[FR Doc. 05–13993 Filed 7–14–05; 8:45 am]
BILLING CODE 3510–13–P
DEPARTMENT OF COMMERCE
National Institute of Standards and
Technology
Advanced Technology Program (ATP)
Advisory Committee
National Institute of Standards
and Technology, Department of
Commerce.
ACTION: Notice of renewal.
AGENCY:
In accordance with the provisions of
the Federal Advisory Committee Act, 5
U.S.C. App. 2, and the General Services
Administration (GSA) rule on Federal
Advisory Committee Management, 41
CFR Part 101–6, and after consultation
with GSA, the Secretary of Commerce
has determined that the renewal of the
Advanced Technology Program
Advisory Committee is in the public
interest in connection with the
performance of the duties imposed on
the Department by law.
The Committee was first established
in July 1999 to advise ATP regarding
their programs, plans, and policies. In
renewing the Committee, the Secretary
has established it for an additional six
months. During the next six months, the
Committee plans to provide advice on
ATP programs, plans and policies,
review ATP’s efforts to assess the
economic impact of the program, and
report on the general health of the
program and its effectiveness in
achieving its legislatively mandated
mission.
The Committee will consist of 6 to 12
members to be appointed by the
PO 00000
Frm 00009
Fmt 4703
Sfmt 4703
DEPARTMENT OF COMMERCE
National Institute of Standards and
Technology
[Docket No. 060601149–5149–01]
Announcing Draft Federal Information
Processing Standard (FIPS)
Publication 200, Minimum Security
Requirements for Federal Information
and Information Systems
National Institute of Standards
and Technology (NIST), Commerce.
ACTION: Notice; request for comments.
AGENCY:
SUMMARY: The National Institute of
Standards and Technology (NIST)
announces the release of draft Federal
Information Processing Standards (FIPS)
Publication 200, Minimum Security
Requirements for Federal Information
and Information Systems for public
comment. Draft FIPS Publication 200 is
one of a series of security standards and
guidelines that NIST is developing to
help federal agencies implement their
responsibilities under the Federal
Information Security Management Act
(FISMA). The FISMA requires that all
federal agencies develop, document and
implement agency-wide information
security programs to protect federal
information and information systems.
Draft FIPS Publication 200, which will
be used with other publications already
issued by NIST, specifies minimum
security requirements for federal
information and information systems
and a risk-based process for selecting
E:\FR\FM\15JYN1.SGM
15JYN1
40984
Federal Register / Vol. 70, No. 135 / Friday, July 15, 2005 / Notices
the security controls necessary to satisfy
the minimum requirements.
Prior to the submission of this
proposed standard to the Secretary of
Commerce for review and approval, it is
essential that consideration be given to
the needs and views of the general
public, the information technology
industry, and federal, state, and local
government organizations. The purpose
of this notice is to solicit such views.
DATES: Comments must be received on
or before 5 p.m., September 13, 2005.
ADDRESSES: Written comments may be
sent to: Chief, Computer Security
Division, Information Technology
Laboratory, Attention: Comments on
Draft FIPS Publication 200, 100 Bureau
Drive (Stop 8930), National Institute of
Standards and Technology,
Gaithersburg, MD 20899–8930.
Comments may also be sent via
electronic mail to:
draftfips200@nist.gov.
A copy of draft FIPS Publication 200
is available from the NIST Web site at:
https://csrc.nist.gov/publications/fips/
index.html.
Comments received in response to
this notice will be published at https://
csrc.nist.gov.
FOR FURTHER INFORMATION CONTACT: Dr.
Ron Ross, Computer Security Division,
National Institute of Standards and
Technology, Gaithersburg, MD 20899–
8930, telephone (301) 975–5390, e-mail:
ron.ross@nist.gov.
SUPPLEMENTARY INFORMATION: The
Federal Information Security
Management Act (FISMA) requires all
federal agencies to develop, document,
and implement agency-wide
information security programs and to
provide information security for the
information and information systems
that support the operations and assets of
the agency, including those systems
provided or managed by another agency,
contractor, or other source.
To support agencies in conducting
their information security programs, the
FISMA called for NIST to develop
federal standards for the security
categorization of federal information
and information systems according to
risk levels, and for minimum security
requirements for information and
information systems in each security
category. FIPS Publication 199,
Standards for Security Categorization of
Federal Information and Information
Systems, issued in February 2004, is the
first standard that was specified by the
FISMA. FIPS Publication 199 requires
agencies to categorize their information
and information systems as low-impact,
moderate-impact, or high-impact for the
VerDate jul<14>2003
17:47 Jul 14, 2005
Jkt 205001
security objectives of confidentiality,
integrity, and availability.
Draft FIPS Publication 200, the
second standard that was specified by
the FISMA, is an integral part of the risk
management framework that NIST has
developed to assist federal agencies in
providing appropriate levels of
information security. FIPS Publication
200 specifies minimum security
requirements for federal information
and information systems and a riskbased process for selecting the security
controls necessary to satisfy the
minimum requirements. In applying the
provisions of FIPS Publication 200,
agencies will categorize their
information systems as required by FIPS
Publication 199, and subsequently
select an appropriate set of security
controls from NIST Special Publication
800–53, Recommended Security
Controls for Federal Information
Systems, to satisfy the minimum
security requirements. Issued in
February 2005, NIST Special
Publication 800–53 defines minimum
security controls needed to provide
cost-effective protection for low-impact,
moderate-impact, and high-impact
information systems and the
information processed, stored, and
transmitted by those systems.
The proposed standard will be
applicable to: (i) all information within
the federal government other than that
information that has been determined
pursuant to Executive Order 12958, as
amended by Executive Order 13292, or
any predecessor order, or by the Atomic
Energy Act of 1954, as amended, to
require protection against unauthorized
disclosure and is marked to indicate its
classified status; and (ii) all federal
information systems other than those
information systems designated as
national security systems as defined in
44 United States Code Section
3542(b)(2). The standard has been
broadly developed from a technical
perspective to complement similar
standards for national security systems.
In addition to the agencies of the federal
government, state, local, and tribal
governments, and private sector
organizations that compose the critical
infrastructure of the United States are
encouraged to consider the use of this
standard, as appropriate.
Proposed FIPS Publication 200
specifies minimum security
requirements for federal information
and information systems in seventeen
security-related areas that represent a
broad-based, balanced information
security program. The seventeen
security-related areas encompass the
management, operational, and technical
aspects of protecting federal information
PO 00000
Frm 00010
Fmt 4703
Sfmt 4703
and information systems, and include:
access control; audit and accountability;
awareness and training; certification,
accreditation, and security assessments;
configuration management; contingency
planning; identification and
authentication; incident response;
maintenance; media protection;
personnel security; physical and
environmental protection; planning; risk
assessment; systems and services
acquisition; system and
communications protection; and system
and information integrity.
Authority: Federal Information
Processing Standards (FIPS) are issued
by the National Institute of Standards
and Technology after approval by the
Secretary of Commerce pursuant to
Section 5131 of the Information
Technology Management Reform Act of
1996 and the Federal Information
Security Management Act of 2002
(Public Law 107–347).
E.O. 12866: This notice has been
determined not to be significant for the
purposes of E.O. 12866.
Dated: July 7, 2005.
Hratch G. Semerjian,
Acting Director, NIST.
[FR Doc. 05–13994 Filed 7–14–05; 8:45 am]
BILLING CODE 3510–CN–P
DEPARTMENT OF COMMERCE
National Institute of Standards and
Technology
[Docket No. 050329087–5087–01]
Proposed Withdrawal of Ten (10)
Federal Information Processing
Standards (FIPS)
National Institute of Standards
and Technology (NIST), Commerce.
ACTION: Notice; request for comments.
AGENCY:
SUMMARY: The National Institute of
Standards and Technology (NIST)
proposes to withdraw ten (10) Federal
Information Processing Standards (FIPS)
from the FIPS series. The standards
proposed for withdrawal include FIPS
161–2, FIPS 183, FIPS 184, FIPS 192
and 192–1, which adopt voluntary
industry standards for Federal
government use. These FIPS are
obsolete because they have not been
updated to reference current or revised
voluntary industry standards. In
addition, FIPS 4–2, FIPS 5–2, FIPS 6–4,
and FIPS 10–4, adopt specifications or
data standards that are developed and
maintained by other Federal
government agencies or by voluntary
industry standards organizations. These
FIPS have not been updated to reflect
E:\FR\FM\15JYN1.SGM
15JYN1
]]>Agencies
[Federal Register Volume 70, Number 135 (Friday, July 15, 2005)]
[Notices]
[Pages 40983-40984]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 05-13994]
-----------------------------------------------------------------------
DEPARTMENT OF COMMERCE
National Institute of Standards and Technology
[Docket No. 060601149-5149-01]
Announcing Draft Federal Information Processing Standard (FIPS)
Publication 200, Minimum Security Requirements for Federal Information
and Information Systems
AGENCY: National Institute of Standards and Technology (NIST),
Commerce.
ACTION: Notice; request for comments.
-----------------------------------------------------------------------
SUMMARY: The National Institute of Standards and Technology (NIST)
announces the release of draft Federal Information Processing Standards
(FIPS) Publication 200, Minimum Security Requirements for Federal
Information and Information Systems for public comment. Draft FIPS
Publication 200 is one of a series of security standards and guidelines
that NIST is developing to help federal agencies implement their
responsibilities under the Federal Information Security Management Act
(FISMA). The FISMA requires that all federal agencies develop, document
and implement agency-wide information security programs to protect
federal information and information systems. Draft FIPS Publication
200, which will be used with other publications already issued by NIST,
specifies minimum security requirements for federal information and
information systems and a risk-based process for selecting
[[Page 40984]]
the security controls necessary to satisfy the minimum requirements.
Prior to the submission of this proposed standard to the Secretary
of Commerce for review and approval, it is essential that consideration
be given to the needs and views of the general public, the information
technology industry, and federal, state, and local government
organizations. The purpose of this notice is to solicit such views.
DATES: Comments must be received on or before 5 p.m., September 13,
2005.
ADDRESSES: Written comments may be sent to: Chief, Computer Security
Division, Information Technology Laboratory, Attention: Comments on
Draft FIPS Publication 200, 100 Bureau Drive (Stop 8930), National
Institute of Standards and Technology, Gaithersburg, MD 20899-8930.
Comments may also be sent via electronic mail to:
draftfips200@nist.gov.
A copy of draft FIPS Publication 200 is available from the NIST Web
site at: https://csrc.nist.gov/publications/fips/.
Comments received in response to this notice will be published at
https://csrc.nist.gov.
FOR FURTHER INFORMATION CONTACT: Dr. Ron Ross, Computer Security
Division, National Institute of Standards and Technology, Gaithersburg,
MD 20899-8930, telephone (301) 975-5390, e-mail: ron.ross@nist.gov.
SUPPLEMENTARY INFORMATION: The Federal Information Security Management
Act (FISMA) requires all federal agencies to develop, document, and
implement agency-wide information security programs and to provide
information security for the information and information systems that
support the operations and assets of the agency, including those
systems provided or managed by another agency, contractor, or other
source.
To support agencies in conducting their information security
programs, the FISMA called for NIST to develop federal standards for
the security categorization of federal information and information
systems according to risk levels, and for minimum security requirements
for information and information systems in each security category. FIPS
Publication 199, Standards for Security Categorization of Federal
Information and Information Systems, issued in February 2004, is the
first standard that was specified by the FISMA. FIPS Publication 199
requires agencies to categorize their information and information
systems as low-impact, moderate-impact, or high-impact for the security
objectives of confidentiality, integrity, and availability.
Draft FIPS Publication 200, the second standard that was specified
by the FISMA, is an integral part of the risk management framework that
NIST has developed to assist federal agencies in providing appropriate
levels of information security. FIPS Publication 200 specifies minimum
security requirements for federal information and information systems
and a risk-based process for selecting the security controls necessary
to satisfy the minimum requirements. In applying the provisions of FIPS
Publication 200, agencies will categorize their information systems as
required by FIPS Publication 199, and subsequently select an
appropriate set of security controls from NIST Special Publication 800-
53, Recommended Security Controls for Federal Information Systems, to
satisfy the minimum security requirements. Issued in February 2005,
NIST Special Publication 800-53 defines minimum security controls
needed to provide cost-effective protection for low-impact, moderate-
impact, and high-impact information systems and the information
processed, stored, and transmitted by those systems.
The proposed standard will be applicable to: (i) all information
within the federal government other than that information that has been
determined pursuant to Executive Order 12958, as amended by Executive
Order 13292, or any predecessor order, or by the Atomic Energy Act of
1954, as amended, to require protection against unauthorized disclosure
and is marked to indicate its classified status; and (ii) all federal
information systems other than those information systems designated as
national security systems as defined in 44 United States Code Section
3542(b)(2). The standard has been broadly developed from a technical
perspective to complement similar standards for national security
systems. In addition to the agencies of the federal government, state,
local, and tribal governments, and private sector organizations that
compose the critical infrastructure of the United States are encouraged
to consider the use of this standard, as appropriate.
Proposed FIPS Publication 200 specifies minimum security
requirements for federal information and information systems in
seventeen security-related areas that represent a broad-based, balanced
information security program. The seventeen security-related areas
encompass the management, operational, and technical aspects of
protecting federal information and information systems, and include:
access control; audit and accountability; awareness and training;
certification, accreditation, and security assessments; configuration
management; contingency planning; identification and authentication;
incident response; maintenance; media protection; personnel security;
physical and environmental protection; planning; risk assessment;
systems and services acquisition; system and communications protection;
and system and information integrity.
Authority: Federal Information Processing Standards (FIPS) are
issued by the National Institute of Standards and Technology after
approval by the Secretary of Commerce pursuant to Section 5131 of the
Information Technology Management Reform Act of 1996 and the Federal
Information Security Management Act of 2002 (Public Law 107-347).
E.O. 12866: This notice has been determined not to be significant
for the purposes of E.O. 12866.
Dated: July 7, 2005.
Hratch G. Semerjian,
Acting Director, NIST.
[FR Doc. 05-13994 Filed 7-14-05; 8:45 am]
BILLING CODE 3510-CN-P
