National Institute of Standards and Technology

In January 2005, NIST’s Information Technology Laboratory released its Special Publication 800-65, delineating the important risk variables that should be taken into consideration by an agency’s capital and investment planning process so that policies are consistent with the Federal Information Security Management Act (FISMA) and with current NIST standards.

NIST fulfills its purpose by maintaining four cooperative programs. These include the NIST Laboratories, which conduct research to promote the technology infrastructure and improve services and products; the Baldrige National Quality Program, which campaigns for performance excellence among educational institutions, health care providers, manufacturers, and service companies through outreach programs and by managing the Malcolm Baldrige National Quality Award Program; the Manufacturing Extension Partnership, which offers assistance in technical and business matters relating to smaller companies, in particular; and the Advanced Technology Program, which promotes the development of innovative technologies by co-funding Research and Development (R & D) partnerships with private companies.

NIST plays a key role in encryption by being the primary organization responsible for AES (Advanced Encryption Standard)—therefore driving the encryption standard that most large entities strive to implement.

See Also: Risk.