FIPS 199

E1008664

NIST Federal Information Processing Standard U.S. federal information security standard

FIPS 199 is a U.S. federal standard that defines security categorization levels (low, moderate, high) for information and information systems based on the potential impact of security breaches.

Jump to: Surface forms Statements Referenced by

Observed surface forms (1)

Surface form	Occurrences
FIPS 199 security categorization	1

Statements (46)

Predicate	Object
instanceOf	NIST Federal Information Processing Standard ⓘ U.S. federal information security standard ⓘ
appliesTo	all federal information systems except national security systems ⓘ
audience	federal information system owners ⓘ information security officers ⓘ risk managers ⓘ
basisFor	security categorization of information ⓘ security categorization of information systems ⓘ
classificationModel	low-moderate-high impact model ⓘ
country	United States of America ⓘ surface form: United States
defines	high impact level ⓘ low impact level ⓘ moderate impact level ⓘ security categorization standards ⓘ security impact levels ⓘ
documentType	technical standard ⓘ
foundationFor	federal security control selection ⓘ
fullName	Federal Information Processing Standards Publication 199 NERFINISHED ⓘ
impactAssessmentCriterion	potential impact on individuals ⓘ potential impact on organizational assets ⓘ potential impact on organizational operations ⓘ potential impact on other organizations ⓘ potential impact on the Nation ⓘ
impactDimension	availability ⓘ confidentiality ⓘ integrity ⓘ
issuedBy	National Institute of Standards and Technology NERFINISHED ⓘ U.S. Department of Commerce NERFINISHED ⓘ
language	English ⓘ
publisher	NIST Computer Security Division NERFINISHED ⓘ
regulatoryContext	Federal Information Security Modernization Act NERFINISHED ⓘ
relatedTo	FIPS 200 NERFINISHED ⓘ NIST Special Publication 800-53 NERFINISHED ⓘ
scope	federal information ⓘ federal information systems ⓘ
securityObjective	protect availability ⓘ protect confidentiality ⓘ protect integrity ⓘ
status	active ⓘ
supports	risk management for federal information systems ⓘ
title	Standards for Security Categorization of Federal Information and Information Systems NERFINISHED ⓘ
usedBy	U.S. federal agencies NERFINISHED ⓘ
usedFor	classifying information systems ⓘ determining security control baselines ⓘ
usedIn	federal information security programs ⓘ system authorization processes ⓘ

Referenced by (2)

Full triples — surface form annotated when it differs from this entity's canonical label.

FedRAMP Moderate → basedOn → FIPS 199 ⓘ

this entity surface form: FIPS 199 security categorization

Federal Risk and Authorization Management Program → basedOnStandard → FIPS 199 ⓘ