The National Institute of Standards and Technology requests public comments on the release of Draft Special Publication 800-70 Revision 4, National Checklist Program for IT Products: Guidelines for Checklist Users and Developers. Using security configuration checklists to verify the configuration of information technology (IT) products and identify unauthorized configuration changes can minimize product attack surfaces, reduce vulnerabilities, and lessen the impact of successful attacks.
To facilitate development of checklists and to make checklists more organized and usable, NIST established the National Checklist Program (NCP). This publication explains how to use the NCP to find and retrieve checklists, and it also describes the policies, procedures, and general requirements for participation in the NCP.
Comments due by August 30, 2017. Email comments to: email@example.com (Subject: "Comments on SP 800-70")
Download Draft SP 800-70 Rev. 4.
As a non-regulatory agency of the Commerce Department, NIST promotes U.S. innovation and industrial competitiveness by advancing measurement science, standards and technology in ways that enhance economic security and improve our quality of life. For more information, visit www.nist.gov.