The National Institute of Standards and Technology (NIST) is a non-regulatory federal agency within the U.S. 商务部. NIST的使命是促进美国.S. innovation and industrial competitiveness by advancing measurement science, 标准, and technology in ways that enhance economic security and improve our quality of life. NIST promotes their mission by developing special publications that are devoted to specific information security topic. At Schneider Downs we have experience advising our clients using NIST guidance and frameworks such as:
Created through voluntary collaboration between industry and government, 框架由标准组成, 的指导方针, and practices to promote the protection of critical infrastructure. 的优先考虑, 灵活的, 可重复的, and cost-effective approach of the Framework helps owners and operators of critical infrastructure to manage cybersecurity-related risk.
This publication provides a set of procedures for conducting assessments of security controls and privacy controls employed within federal information systems and organizations..
This publication assists organizations in establishing computer security incident response capabilities and handling incidents efficiently and effectively.
This document provides guidance for carrying out each of the three steps in the risk assessment process (i.e., 为评估做准备, 进行评估, and maintain the assessment) and how risk assessments and other organizational risk management processes complement and inform each other.
This publication provides federal agencies with recommended requirements for protecting the confidentiality of Controlled Unclassified Information (CUI): (i) when the CUI is resident in nonfederal information systems and organizations; (ii) when the information systems where the CUI resides are not used or operated by contractors of federal agencies or other organizations on behalf of those agencies; and (iii) where there are no specific safeguarding requirements for protecting the confidentiality of CUI prescribed by the authorizing law, 监管, or government wide policy for the CUI category or subcategory listed in the CUI Registry.
This document provides guidance on how to secure Industrial Control Systems (ICS), including Supervisory Control and Data Acquisition (SCADA) systems, 分布式控制系统(DCS), and other control system configurations such as Programmable Logic Controllers (PLC), 同时解决他们独特的表现, 可靠性, 以及安全要求.
We begin our assessment by working closely with you to understand your business processes in order to understand the NIST special publication that best pertains to your organization . We will work with and interview key individuals within the business and information technology services responsible for compliance with the NIST special publication. We will evaluate your compliance with all control requirements through review of documentation supporting the operating effectiveness of controls. 当我们的评估完成后, we will provide your organization with a detailed compliance assessment report outlining corrective action plans with a detailed roadmap for achieving NIST compliance.
Schneider Downs is a Top 60 independent Certified Public Accounting (CPA) firm providing accounting, 税, audit and business advisory services to public and private companies, not-for-profit organizations and global companies. We also offer Internal Audit; Technology Consulting; Software Solutions; Personal Financial bet9平台游戏; Retirement Plan Solutions and Corporate Finance bet9平台游戏. Schneider Downs is the 13th largest accounting firm in the Mid-Atlantic region and serves individuals and companies in Pennsylvania (PA), 俄亥俄州(哦), 西弗吉尼亚州(WV), 纽约(NY), 马里兰(MD), and additional states in the United States with offices in 匹兹堡, PA, 哥伦布, OH, 和麦克莱恩, VA.
©2024施耐德唐斯 & Co.公司. 马里兰州牌照号码35239.
每一刻都很重要. 紧急请求, contact the Schneider Downs digital forensics and incident response team at 1-800-993-8937. For all other requests, please complete the form below.
"*表示必填字段