The new NIST guidance for managing information security risk is called the capstone of the agency's work on FISMA implementation. The National Institute of Standards and Technology has released the ...