Network


Latest external collaboration on country level. Dive into details by clicking on the dots.

Hotspot


Dive into the research topics where Joan Hash is active.

Publication


Featured researches published by Joan Hash.


Special Publication (NIST SP) - 800-66 Rev 1 | 2005

An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule

Matthew A. Scholl; Kevin M. Stine; Joan Hash; Pauline Bowen; L A. Johnson; Carla Dancy Smith; Daniel Steinberg

The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the nations measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof of concept implementations, and technical analyses to advance the development and productive use of information technology. ITLs responsibilities include the development of management, administrative, technical, and physical standards and guidelines for the cost-effective security and privacy of other than national security-related information in federal information systems. The Special Publication 800-series reports on ITLs research, guidelines, and outreach efforts in information system security, and its collaborative activities with industry, government, and academic organizations. Authority This document has been developed by the National Institute of Standards and Technology (NIST) to further its statutory responsibilities under the Federal Information Security Management Act (FISMA) of 2002, P.L. 107-347. NIST is responsible for developing standards and guidelines, including minimum requirements, for providing adequate information security for all agency operations and assets, but such standards and guidelines shall not apply to national security systems. This guideline is consistent with the requirements of the Office of Management and This guideline has been prepared for use by federal agencies. It may also be used by nongovernmental organizations on a voluntary basis and is not subject to copyright. (Attribution would be appreciated by NIST.) Nothing in this document should be taken to contradict standards and guidelines made mandatory and binding on federal agencies by the Secretary of Commerce under statutory authority. Nor should these guidelines be interpreted as altering or superseding the existing authorities of the Secretary of Commerce, Director of the OMB, or any other federal official. There are references in this publication to documents currently under development by NIST in accordance with responsibilities assigned to NIST under the Federal Information Security Management Act of 2002. The methodologies in this document may be used even before the completion of such companion documents. Thus, until such time as each document is completed, current requirements, guidelines, and procedures (where they exist) remain operative. For planning and transition purposes, agencies may wish to closely follow the development of these new documents by NIST. Individuals are also encouraged to review the public draft documents and offer their comments to NIST. All NIST documents mentioned in this publication, other than the ones noted above, are available at Certain commercial entities, equipment, or materials …


Archive | 2006

Guide for Developing Security Plans for Federal Information Systems

Marianne Swanson; Joan Hash; Pauline Bowen

The objective of system security planning is to improve protection of information system resources. All federal systems have some level of sensitivity and require protection as part of good management practice. The protection of a system must be documented in a system security plan. The completion of system security plans is a requirement of the Office of Management and Budget (OMB) Circular A-130, Management of Federal Information Resources, Appendix III, Security of Federal Automated Information Resources, and Title III of the E-Government Act, entitled the Federal Information Security Management Act (FISMA), The purpose of the system security plan is to provide an overview of the security requirements of the system and describe the controls in place or planned for meeting those requirements. The system security plan also delineates responsibilities and expected behavior of all individuals who access the system. The system security plan should be viewed as documentation of the structured process of planning adequate, cost-effective security protection for a system. It should reflect input from various managers with responsibilities concerning the system, including information owners, the system owner, and the senior agency information security officer (SAISO). Additional information may be included in the basic plan and the structure and format organized according to agency needs, so long as the major sections described in this document are adequately covered and readily identifiable.


Archive | 2002

Contingency Planning Guide for Information Technology Systems: Recommendations of the National Institute of Standards and Technology

Marianne Swanson; Amy Wohl; Lucinda Pope; Timothy Grance; Joan Hash; Ray Thomas

Abstract : NIST Special Publication 800-34, Contingency Planning Guide for Information Technology (IT) Systems provides instructions, recommendations, and considerations for government IT contingency planning. Contingency planning refers to interim measures to recover IT services following an emergency of System disruption. Interim measures may include the relocation of IT systems sod operators to an alternate site, the recovery of IT functions using alternate equipment, or the performance of IT functions using manual methods.


Special Publication (NIST SP) - 800-55 | 2003

Security Metrics Guide for Information Technology Systems

Marianne Swanson; Nadya Bartol; John Sabato; Joan Hash; Laurie Graffo


Building an Information Technology Security Awareness and Training Program / AHIMA, American Health Information Management Association | 2003

Building an Information Technology Security Awareness and Training Program

Mark Wilson; Joan Hash


Special Publication (NIST SP) - 800-100 | 2006

Information Security Handbook: A Guide for Managers

Pauline Bowen; Joan Hash; Mark Wilson


Special Publication (NIST SP) - 800-34 | 2002

Contingency Planning Guide for Information Technology Systems

Marianne Swanson; Amy Wohl; Lucinda Pope; Timothy Grance; Joan Hash; Ray Thomas


Special Publication (NIST SP) - 800-64 Rev 1 | 2003

Security Considerations in the Information System Development Life Cycle

Timothy Grance; Joan Hash; Marc Stevens


Special Publication (NIST SP) - 800-47 | 2002

Security Guide for Interconnecting Information Technology Systems

Timothy Grance; Joan Hash; Steven Peck; Jonathan Smith; Karen Korow-Diks


Archive | 2006

Guide for Developing Performance Metrics for Information Security

Elizabeth Chew; Alicia Clay; Joan Hash; Nadya Bartol; Anthony Brown

Collaboration


Dive into the Joan Hash's collaboration.

Top Co-Authors

Avatar

Timothy Grance

National Institute of Standards and Technology

View shared research outputs
Top Co-Authors

Avatar

Pauline Bowen

National Institute of Standards and Technology

View shared research outputs
Top Co-Authors

Avatar

Marianne Swanson

National Institute of Standards and Technology

View shared research outputs
Top Co-Authors

Avatar

Mark Wilson

National Institute of Standards and Technology

View shared research outputs
Top Co-Authors

Avatar
Top Co-Authors

Avatar
Top Co-Authors

Avatar
Top Co-Authors

Avatar

Kevin M. Stine

National Institute of Standards and Technology

View shared research outputs
Top Co-Authors

Avatar

Matthew A. Scholl

National Institute of Standards and Technology

View shared research outputs
Top Co-Authors

Avatar
Researchain Logo
Decentralizing Knowledge