Recommended Security Controls for Federal Information Systems and Organizations

Joint Task Force Transformation Initiative

SP 800-53 Rev. 3

Withdrawn on August 12, 2009. Superseded by SP 800-53 Rev. 3

Recommended Security Controls for Federal Information Systems and Organizations

Documentation

Date Published: August 2009

Supersedes: SP 800-53 Rev. 2 (12/19/2007)

Author(s)

Joint Task Force Transformation Initiative

Announcement

[Original publication of Rev. 3 (August 1, 2009)]

Abstract

The objective of NIST SP 800-53 is to provide a set of security controls that can satisfy the breadth and depth of security requirements levied on information systems and organizations and that is consistent with and complementary to other established information security standards. Revision 3 is the first major update since December 2005 and includes significant improvements to the security control catalog.

Keywords

common controls; FISMA; managing risk; risk management framework; security control assurance; security control baselines; security controls; security requirements

Control Families

Access Control; Audit and Accountability; Awareness and Training; Assessment, Authorization and Monitoring; Configuration Management; Contingency Planning; Identification and Authentication; Incident Response; Maintenance; Media Protection; Personnel Security; Physical and Environmental Protection; Planning; Risk Assessment; System and Communications Protection; System and Information Integrity; System and Services Acquisition

Documentation

Publication:
None available

Supplemental Material:
None available

Document History:
08/03/09: SP 800-53 Rev. 3

Information Technology Laboratory

Computer Security Resource Center

Computer Security Resource Center

SP 800-53 Rev. 3

Recommended Security Controls for Federal Information Systems and Organizations

Author(s)

Announcement

Abstract

Keywords

Control Families

Documentation