NIST SP 800-53
What is NIST SP 800-53?
NIST SP 800-53A NIST publication providing a comprehensive catalog of security and privacy controls for U.S. federal information systems and many private-sector adopters.
NIST Special Publication 800-53 is the authoritative catalog of security and privacy controls developed by the U.S. National Institute of Standards and Technology. Currently in Revision 5, it defines hundreds of controls organized into 20 control families (e.g., Access Control, Audit and Accountability, System and Communications Protection) along with control enhancements and supplemental guidance. SP 800-53 is mandatory for U.S. federal information systems under FISMA and FedRAMP, and is widely adopted by contractors, state governments, and critical-infrastructure operators worldwide. Organizations typically select a baseline (low, moderate, high) using NIST SP 800-53B and tailor it to their risk profile.
● Examples
- 01
A federal agency implementing the moderate baseline to authorize a new system under FISMA.
- 02
A FedRAMP cloud service provider mapping controls to the high baseline.
● Frequently asked questions
What is NIST SP 800-53?
A NIST publication providing a comprehensive catalog of security and privacy controls for U.S. federal information systems and many private-sector adopters. It belongs to the Compliance & Frameworks category of cybersecurity.
What does NIST SP 800-53 mean?
A NIST publication providing a comprehensive catalog of security and privacy controls for U.S. federal information systems and many private-sector adopters.
How do you defend against NIST SP 800-53?
Defences for NIST SP 800-53 typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for NIST SP 800-53?
Common alternative names include: SP 800-53, NIST 800-53.