The Commerce Department has issued the latest word on how to spot cybersecurity weaknesses in federal computer systems: It’s called the “Guide for Conducting Risk Assessments,” and it’s been published by the National Institute of Standards and Technology.

NIST said the guide is a thorough update of a version published in 2002. The new version, also called Special Publication 800-30, takes into account how complicated the cybersecurity scene has become.

It also outlines a three-step process for conducting a risk assessment and keeping it up to date.

This story is part of Federal News Radio’s daily Cybersecurity Update. For more cybersecurity news, click here.

Copyright © 2025 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.