Publications
July 19, 2023: URLs for CSRC publication details pages have changed. Legacy URLs should automatically redirect to the new URLs. However, links to the actual publications have NOT changed (e.g., DOIs and PDFs on nvlpubs.nist.gov). Please send inquiries to
csrc-inquiry@nist.gov.
Withdrawn on April 30, 2014.
Revised Catalog of Security Controls for Federal Information Systems and Organizations: For Use in Both National Security and Nonnational Security Systems
Documentation
Date Published: August 2009
Author(s)
Shirley Radack (NIST)
This bulletin summarizes the information presented in NIST Special Publication 800-53, Revision 3, Recommended Security Controls for Federal Information Systems and Organizations, on the catalog of security controls for information systems. These best practices are broad based and comprehensive safeguards and countermeasures for protecting today s information systems. The publication presents a uniform approach to describing controls for both national security and non-national security applications to help government organizations address advanced cyber threats that can exploit vulnerabilities in federal information systems. The bulletin explains the role of security controls in the risk management process that IT managers apply to balance the operational and economic costs of protective measures for their information and IT systems with the gains in capabilities and improved support of organizational mission that result from the use of efficient protection procedures. Information is provided about how the information on security controls is organized in the publication and how to access NIST standards and guidelines that pertain to security controls.
This bulletin summarizes the information presented in NIST Special Publication 800-53, Revision 3, Recommended Security Controls for Federal Information Systems and Organizations, on the catalog of security controls for information systems. These best practices are broad based and comprehensive...
See full abstract
This bulletin summarizes the information presented in NIST Special Publication 800-53, Revision 3, Recommended Security Controls for Federal Information Systems and Organizations, on the catalog of security controls for information systems. These best practices are broad based and comprehensive safeguards and countermeasures for protecting today s information systems. The publication presents a uniform approach to describing controls for both national security and non-national security applications to help government organizations address advanced cyber threats that can exploit vulnerabilities in federal information systems. The bulletin explains the role of security controls in the risk management process that IT managers apply to balance the operational and economic costs of protective measures for their information and IT systems with the gains in capabilities and improved support of organizational mission that result from the use of efficient protection procedures. Information is provided about how the information on security controls is organized in the publication and how to access NIST standards and guidelines that pertain to security controls.
Hide full abstract
Keywords
Federal Information Processing Standards; Federal Information Security Management Act; FISMA; information security; information system security; minimum security requirements; NIST Special Publications; risk management; Risk Management Framework; security categorization; security controls; null
Control Families
None selected
Documentation
Publication:
No Download Available
Supplemental Material:
None available
Document History:
08/20/09: ITL Bulletin (Final)
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
