COM 510 – Management of Information Security Project Guidelines Project Description Carry out a security self-assessment of an organization using the NIST Special Publication 800-26 as a guide. This may be your current or previous employer or your own organization. You must seek permission from the individual responsible for the information security of that organization. The SP 800-26 document is a self-assessment guide used to assess the IT system of an organization. This document is no longer available from NIST but it is contained in Appendix A at the end of the textbook (pp. 471-491). You may use this appendix as a guide. It is recommend that you use primary areas such as Management controls, Operational controls, Technical controls, etc., as a guide to assess a system.