U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.


We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

This is an archive
(replace .gov by .rip)

NIST Risk Management Framework RMF

SP 800-53 Downloads

Download the SP 800-53 Controls in Different Data Formats

Note that NIST Special Publication (SP) 800-53, 800-53A, and SP 800-53B contain additional background, scoping, and implementation guidance in addition to the controls, assessment procedures, and baselines. This NIST SP 800-53 database represents the derivative format of controls defined in NIST SP 800-53 Revision 5, Security and Privacy Controls for Information Systems and Organizations. Derivative data formats of the forthcoming SP 800-53A, Revision 5 controls will be available when the publication is finalized (anticipated by early 2022). 

If there are any discrepancies noted in the content between these NIST SP 800-53 derivative data formats and the latest published NIST SP 800-53, Revision 5 (normative) and NIST SP 800-53B (normative), please contact sec-cert@nist.gov and refer to the official published documents.  

See Additional Resource Downloads for graphics and the RMF Step FAQs. 

SP 800-53, Revision 5 Controls

Authoritative Source: NIST SP 800-53, Revision 5
(includes errata updates 12/2020)

SP 800-53B Control Baselines

Authoritative Source: NIST SP 800-53B
(includes errata updates 12/2020)

SP 800-53, Revision 4 Controls

Authoritative Source: NIST SP 800-53, Revision 4
(includes errata updates 1/2015)

SP 800-53A, Revision 4 Assessment Procedures

Authoritative Source: NIST SP 800-53A, Revision 4
(includes errata updates 12/2014)

SP 800-53, Revision 3 Controls

Authoritative Source: NIST SP 800-53, Revision 3

SP 800-53A, Revision 1* Assessment Procedures

  • Download XML

Authoritative Source: NIST SP 800-53A, Revision 1*
*Note SP 800-53A, Revision 1 is consistent with SP 800-53, Revision 3


Created November 30, 2016, Updated November 01, 2021