NIST has published NIST Internal Report (NISTIR) 8204, Cybersecurity Framework Online Informative References (OLIR) Submissions: Specification for Completing the OLIR Template

The Framework for Improving Critical Infrastructure Cybersecurity (Cybersecurity Framework) lists several related cybersecurity documents as Informative References. Informative References show relationships between the Cybersecurity Framework’s functions, categories, and subcategories and specific sections of standards, guidelines, and best practices. Informative References are often more detailed than the functions, categories, and subcategories and illustrate ways to achieve those outcomes. Finally, Informative References suggest how to use a given cybersecurity document in coordination with the Framework for the purposes of cybersecurity risk management.

NISTIR 8204 is intended to ease the process of creating new Informative References associated with NIST's Cybersecurity Framework.  This document provides guidance to potential Informative Reference Authors on how to fill out the OLIR Template and submit it to NIST for review.

NIST is continuing to identify potential candidates that are willing to participate in the Online Informative Reference (OLIR) Program.  The envisioned development and public feedback process can be reviewed at https://www.nist.gov/cyberframework/reference-submission-page.