Date Published: September 2020 (includes updates as of Dec. 10, 2020)
Supersedes:
SP 800-53 Rev. 5 (09/23/2020)
Planning Note (1/22/2021):
See the Errata (beginning on p. xvii) for a list of updates to the original publication.
New supplemental materials are also available:
Also available:
Access Control; Audit and Accountability; Awareness and Training; Configuration Management; Contingency Planning; Assessment, Authorization and Monitoring; Identification and Authentication; Incident Response; Maintenance; Media Protection; Personnel Security; Physical and Environmental Protection; Planning; Risk Assessment; System and Services Acquisition; System and Information Integrity; System and Communications Protection; Program Management; PII Processing and Transparency; Supply Chain Risk Management
Publication:
SP 800-53 Rev. 5 (DOI)
Local Download
Supplemental Material:
Control Catalog (spreadsheet) (xls)
Analysis of updates between 800-53 Rev. 5 and Rev. 4, by MITRE Corp. for ODNI (xls)
Mapping: Appendix J Privacy Controls (Rev. 4) to Rev. 5 (xls)
Mappings: Cybersecurity Framework and Privacy Framework to Rev. 5 (xls)
Mapping: Rev. 5 to ISO/IEC 27001 (word)
OSCAL Version of Rev. 5 controls (web)
Control Collaboration Index Template (xls)
Control Collaboration Index Template (word)
Blog post (web)
Other Parts of this Publication:
SP 800-53B
Document History:
12/10/20: SP 800-53 Rev. 5 (Final)
Security and Privacy
privacy controls; security controls; security programs & operations
Laws and Regulations
E-Government Act; Federal Information Security Modernization Act; Homeland Security Presidential Directive 12; Homeland Security Presidential Directive 7; OMB Circular A-11; OMB Circular A-130