Much to its credit NIST has:
– made public in a very accessible forum (not regulations.gov) all the comments it received from the public in response to its Request for Information.
– conducted an in-depth review of the comments it received and presented them in an easily understandable format.
NIST raised a question which CRE has been exploring with a number of international organizations, namely:
|What role(s) do or should national/international standards and organizations that develop national/international standards play in critical infrastructure cybersecurity conformity assessment?|
The aforementioned actions are a step forward.