Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Projects FISMA Implementation Project

FISMA Implementation Project FISMA

NIST Security Control Overlay Repository (SCOR)

Overview

The NIST Security Control Overlay Repository (SCOR) provides stakeholders a platform for voluntarily sharing security control overlays. The level of detail included in the overlay is at the discretion of the organization developing the overlay, but is of sufficient breadth and depth to provide an appropriate rationale and justification for the resulting tailored baseline developed, including any risk-based decisions made during the overlay development process. Tailoring is the process of modifying controls (e.g., designating common controls, selecting compensating controls and enhancements) to meet organizational and operational needs.

For more information about overlays, see: Overlay Overview 


The overlay repository is organized into categories of overlays based on the submitting organization: government-wide; public (submitted by a .com, .edu, or .org); and NIST-developed.

  • Government-wide category consists of submissions from federal, state, tribal, and local governments.
  • Public category consists of submissions from commercial, educational, or non-profit organizations.
  • NIST-developed category consists of submissions developed by NIST.
     

Overlay Submissions

Government-wide
Public
NIST-developed

Contacts

Ron Ross
ron.ross@nist.gov

Victoria Yan Pillitteri
victoria.yan@nist.gov

Kelley Dempsey
kelley.dempsey@nist.gov

Eduardo Takamura
eduardo.takamura@nist.gov

Jeff Brewer
jeffrey.brewer@nist.gov

Jody Jacobs
jody.jacobs@nist.gov

Ned Goren
nedim.goren@nist.gov

Topics

Security and Privacy: risk management

Laws and Regulations: E-Government Act, Federal Information Security Modernization Act

Created November 30, 2016, Updated December 03, 2020