U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

NIST CSWP 20 (Initial Public Draft)

Planning for a Zero Trust Architecture: A Starting Guide for Administrators

Date Published: August 4, 2021
Comments Due: September 3, 2021 (public comment period is CLOSED)
Email Questions to: zerotrust-arch@nist.gov

Author(s)

Scott Rose (NIST)

Announcement

This draft white paper provides a high-level overview of the NIST Risk Management Framework (NIST RMF) and how it can help in developing and implementing a zero trust architecture.

Zero trust is a set of cybersecurity principles used by stakeholders to plan and implement an enterprise architecture. Since some of these stakeholders may not be familiar with risk analysis and management, the NIST RMF provides a common set of concepts and tasks to both security planners and system operators.

Abstract

Keywords

architecture; information technology; risk; zero trust
Control Families

None selected

Documentation

Publication:
https://doi.org/10.6028/NIST.CSWP.20.ipd
Download URL

Supplemental Material:
Local Download (pdf)

Document History:
08/04/21: CSWP 20 (Draft)
05/06/22: CSWP 20 (Final)

Topics

Security and Privacy

planning, risk management, zero trust

Technologies

networks

Applications

enterprise