FIPS 199 (Federal Information Processing Standard Publication 199, Standards for Security Categorization of Federal Information and Information Systems) is a United States Federal Government standard that establishes security categories of information systems used by the Federal Government, one component of risk assessment. FIPS 199 and FIPS 200 are mandatory security standards as required by FISMA.

This article has multiple issues. Please help improve it or discuss these issues on the talk page. (Learn how and when to remove these template messages) This article relies excessively on references to primary sources. (April 2020) This article includes a list of references, related reading, or external links, but its sources remain unclear because it lacks inline citations. (April 2020)

FIPS 199 requires Federal agencies to assess their information systems in each of the confidentiality, integrity, and availability categories, rating each system as low, moderate, or high impact in each category. The most severe rating from any category becomes the information system's overall security categorization.

• https://doi.org/10.6028/NIST.FIPS.199

This computer security article is a stub. You can help Wikipedia by expanding it.

• v
• t
• e

This United States government–related article is a stub. You can help Wikipedia by expanding it.

• v
• t
• e

https://csrc.nist.gov/publications/detail/fips/199/final. NIST link for FIPS 199.