Started in 1901, NIST is a federal agency embedded in the U.S. Commerce Department’s Technology Administration, whose goals are to develop and advance measurement, standards, and technology to improve productivity in the United States, stimulate trade, and elevate the quality of life for citizens.
In January 2005, NIST’s Information Technology Laboratory released its Special Publication 800-65, delineating the important risk variables that should be taken into consideration by an agency’s capital and investment planning process so that policies are consistent with the Federal Information Security Management Act (FISMA) and with current NIST standards.
NIST fulfills its purpose by maintaining four cooperative programs. These include the NIST Laboratories, which conduct research to promote the technology infrastructure and improve services and products; the Baldrige National Quality Program, which campaigns for performance excellence among educational institutions, health care providers, manufacturers, and service companies through outreach programs and by managing the Malcolm Baldrige National Quality Award Program; the Manufacturing Extension Partnership, which offers assistance in technical and business matters relating to smaller companies, in particular; and the Advanced Technology Program, which promotes the development of innovative technologies by co-funding Research and Development (R & D) partnerships with private companies.
NIST plays a key role in encryption by being the primary organization responsible for AES (Advanced Encryption Standard)—therefore driving the encryption standard that most large entities strive to implement.
See Also: Risk.
Hash, J.S. Integrating IT Security Into the Capital Planning and Investment Control Process. [Online, January 30, 2005.] NIST Website. http://csrc.nist.gov/publications/ nistpubs/index.html; National Institute of Standards and Technology. NIST. [Online, August 2, 2004.] National Institute of Standards and Technology Website. http://www.nist.gov/ public_affairs/general2.htm.