NIST 800-53 is a security control catalog for the federal Risk Management Framework.
NIST 800-53B defines 3 security control baselines: low, moderate, and high. The impact baseline determines the number of security controls a system has to account for.
NIST 800-37 defines the federal Risk Management Framework (RMF). RMF uses the security controls of NIST 800-53.
FISMA & FedRAMP
Both FISMA and FedRAMP use the security controls of NIST 800-53.
20 Control Families
NIST 800-53 groups its security requirements into 20 families including access control, configuration management, and supply chain risk management.
Organization-Defined Parameters are variables within a security control's text that can be populated by many sources including laws, agency policy, mission needs, etc.
Learn about NIST 800-171 and explore its security requirements.
Learn about the CMMC 2.0 and explore its practices.
NIST 800-53 provides a catalog of security controls for federal systems.
Federal systems are required to implement RMF and the related security controls of NIST 800-53.
Cloud service providers who wish to complete the FedRAMP authorization process will be required to implement the security controls of NIST 800-53.
Our NCSP® NIST 800-53 Practitioner course covers NIST 800-53: NCSP® NIST 800-53 Practitioner Certificate
NIST 800-53 R5 has more than 1,000 security controls.