The National Institute of Standards and Technology has published recommendations on developing policies and procedures for reporting and managing vulnerability disclosures for federal government systems.
The NIST Special Publication 800-216 outlines a unified federal vulnerability disclosure framework that applies to software, hardware and digital services used across the government, the agency said Wednesday.
According to NIST, the framework seeks to address the proper handling of vulnerability reports regarding information systems owned or controlled by government agencies.
It also establishes a framework for the dissemination of vulnerability mitigation and remediation.
NIST developed the document in collaboration with the Office of Management and Budget and the departments of Defense and Homeland Security.
