Be the first to like this
This white paper is an interpretation of NIST SP 800-18, Guide for Developing Security Plans for Information Technology System, that was released by NIST in December of 1998. In 1998 when the publication became available it covered the major systems of the day: the general support system (GSS) and the Major Applications (MA). Since 1998 we have seen the development of a third system that is a neither truly a GSS or a MA but a fusion of the two, the Intranet and Extranet, which this document refers to as a web support system. This white paper interprets NIST SP 800-18 to reflect the need for a separate security plan for a web support system and how to define and determine what a web support system is. NOTE: This document has no official relationship to any other NIST Special Publication nor should any be drawn.