The Inner Circle

 View Only

National Online Informative References (OLIR) Program: NISTIRs 8278 and 8278A

  • 1.  National Online Informative References (OLIR) Program: NISTIRs 8278 and 8278A

    Posted Nov 20, 2020 11:30:00 AM

    Hi All,

    NIST has just published the National Online Informative References (OLIR) Program documents: NISTIRs 8278 and 8278A.

    NISTIR 8278National Cybersecurity Online Informative References (OLIR) Program: Program Overview and OLIR Uses, describes the OLIR Program, what OLIRs are, what benefits they provide, how anyone can search and access OLIRs, and how subject matter experts can contribute OLIRs. This report includes:

    • Additional Focal Document Templates
    • Functional enhancements to the OLIR Catalog and Derived Relationships Mapping (DRM) display tool

    NISTIR 8278ANational Cybersecurity Online Informative References (OLIR) Program: Submission Guidance for OLIR Developers, replaces NISTIR 8204. The primary focus of NISTIR 8278A is to instruct Developers on how to complete the OLIR Focal Document spreadsheet when submitting an Informative Reference to NIST for inclusion in the OLIR Catalog. This report includes:

    • Requirement guidance to include additional focal document templates introduced in NISTIR 8278.
    • A "Strength of Relationships" section (3.2.11) that includes guidance for populating the magnitude field when evaluating focal and reference document elements.  Interested commenters should read the 'Note to Reviewers' (page iii) as we seek feedback on this requested feature describing additional detail about the relationship.

    Both publications are based on feedback received from early adopters as well as discussions at the December 2019 OLIR workshop.

    NISTIR 8278 details:
    https://csrc.nist.gov/publications/detail/nistir/8278/final

    NISTIR 8278A details:
    https://csrc.nist.gov/publications/detail/nistir/8278a/final

    OLIR Workshop (December 2019):
    https://www.nccoe.nist.gov/events/workshop-cybersecurity-online-informative-references



    ------------------------------
    Michael Roza CPA, CISA, CIA, MBA, Exec MBA
    ------------------------------