U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.


We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

This is an archive
(replace .gov by .rip)

DRAFT Special Publication 800-53 Revision 4, Appendix H is available for public comment
August 28, 2014

NIST announces the release of Draft Special Publication 800-53, Revision 4, Appendix HInternational Information Security Standards, Security Control Mappings for ISO/IEC 27001: 2013. (NOTE: This draft Appendix H for SP 800-53 Revision 4 has been approved as final and has been incoporated into the updated SP 800-53 Revision 4 document in January 2015). This update to Appendix H was initiated due to the 2013 revision to ISO/IEC 27001, which occurred after the final publication of SP 800-53, Revision 4. In addition to considering the new content in ISO/IEC 27001 for the mapping tables, new mapping criteria were employed in conducting the mapping analysis. The new criteria are intended to produce more accurate results—that is, to successfully meet the mapping criteria, the implementation of the mapped controls should result in an equivalent information security posture. While mapping exercises may by their very nature, include a degree of subjectivity, the new criteria attempts to minimize that subjectivity to the greatest extent possible. 

Comment period CLOSED on: September 26, 2014. Questions? Send email to: sec-cert@nist.gov

Created December 21, 2016, Updated June 22, 2020