This article has multiple issues. Please help improve it or discuss these issues on the talk page. ( Learn how and when to remove these template messages) This article relies excessively on references to primary sources. Please improve this article by adding secondary or tertiary sources. Find sources:  "FIPS 199" –  news · newspapers · books · scholar · JSTOR (April 2020) ( Learn how and when to remove this template message) This article includes a list of references, related reading, or external links, but its sources remain unclear because it lacks inline citations. Please help improve this article by introducing more precise citations. (April 2020) ( Learn how and when to remove this template message) ( Learn how and when to remove this template message)

FIPS 199 ( Federal Information Processing Standard Publication 199, Standards for Security Categorization of Federal Information and Information Systems) is a United States Federal Government standard that establishes security categories of information systems used by the Federal Government, one component of risk assessment. FIPS 199 and FIPS 200 are mandatory security standards as required by FISMA.

FIPS 199 requires Federal agencies to assess their information systems in each of the confidentiality, integrity, and availability categories, rating each system as low, moderate, or high impact in each category. The most severe rating from any category becomes the information system's overall security categorization.

External links

• https://doi.org/10.6028/NIST.FIPS.199

This computer security article is a stub. You can help Wikipedia by expanding it.

• v
• t
• e

This United States government–related article is a stub. You can help Wikipedia by expanding it.

• v
• t
• e

https://csrc.nist.gov/publications/detail/fips/199/final. NIST link for FIPS 199.