NIST Special Publication 800-128

Citation
NIST, Guide for Security Configuration Management of Information Systems (NIST Special Publication 800-128, Initial Public Draft) (Mar. 2010) (full-text).

Overview
This publication is intended to provide guidelines for organizations responsible for managing and administrating the security of federal information system]] computing environments. For organizations responsible for the security of information processed, stored, and transmitted by external or service-oriented computing environments (e.g., cloud computing environment providers), the security configuration management concepts and principles presented in this publication can be used by organizations in establishing assurance requirements for suppliers providing external computing services.