ANSI - American National Standards Institute
 Print this article  Previous Next 

Natural Disasters and Computer Hackers: NIST Requests Public Comment on Two Documents


New York, Apr 15, 2008

The National Institute of Standards and Technology (NIST) has issued requests for public comment on two documents: the Draft Strategic Plan for the National Earthquake Hazards Reduction Program Fiscal Years 2008-2012 and the second public draft of NIST Special Publication 800-39, Managing Risk from Information Systems: An Organizational Perspective. Comments on these documents are due on May 9th, 2008, and April 30th, 2008, respectively.

NIST is the lead agency in government-sponsored National Earthquake Hazards Reduction Program (NEHRP), formed from the Earthquake Hazards Reduction Act of 1977, Public Law (PL) 95–124. Through NEHRP, NIST works with the Federal Emergency Management Agency (FEMA) and others to develop and maintain building codes, standards and practices that are earthquake-resistant.

The Draft Strategic Plan for NEHRP Fiscal Years 2008-2012 will guide the activities of the four agencies that comprise NEHRP: NIST, FEMA, the National Science Foundation (NSF), and the United States Geological Survey (USGS). The current draft outlines the priorities of NEHRP for the next four years, aiming to increase understanding of earthquakes, reduce the impact of earthquakes in a cost-effective manner, and expedite recovery and rehabilitation after an earthquake.

The draft plan is now open for public review. Comments must be received by Friday, May 9th at 5:00pm EDT to be considered. To comment, submit the following information to the Comment Submission Form on the NEHRP website: Page Number; Line Number; Text in Question; Comment; Reason for Comment; and Suggested Revision.

Comments may also be submitted by email to info@nehrp.gov, by fax to (301) 975-5433, or by mail to: NEHRP Secretariat, Attention: Dr. Jack Hayes, National Institute of Standards and Technology, 100 Bureau Drive Stop 8600, Gaithersburg, MD 20899-8600.

Comments not submitted through the NEHRP website should contain contact information in case of questions, including name, affiliation (optional) and phone number or email address (optional).

NIST has also requested public comments on Special Publication 800-39, Managing Risk from Information Systems: An Organizational Perspective. Developed by NIST in accordance with the Federal Information Management Security Act, this publication will serve as the main reference in a series of standards and guidelines related to risk management for information technology.

NIST works directly with the Office of the Director of National Intelligence and the Department of Defense to create the standards and guidelines for information technology security used by the U.S. government. Special Publication 800-39 will be of particular interest to agency heads, chief information officers, information system designers, developers and administrators, auditors and inspectors general, providing guidance for managing the risks of information technology through a solid foundation of the best security practices.

Special Publication 800-39 is open for comments and can now be viewed online. Comments will be accepted until Wednesday, April 30th, 2008. Comments should be forwarded to the Computer Security Division, Information Technology Laboratory at NIST or submitted via email to: sec-cert@nist.gov.

AN INTRODUCTION TO STANDARDS: WHY, WHERE AND HOW ARE THEY DEVELOPED?