You are viewing this page in an unauthorized frame window.

This is a potential security issue, you are being redirected to https://csrc.nist.gov.

An official website of the United States government

Here’s how you know

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

CSRC MENU

Projects
Publications Expand or Collapse

Drafts for Public Comment

All Public Drafts

Final Pubs

FIPS (standards)

Special Publications (SPs)

IR (interagency/internal reports)

CSWP (cybersecurity white papers)

ITL Bulletins

Project Descriptions

Journal Articles

Conference Papers

Books
Topics Expand or Collapse

Security & Privacy

Applications

Technologies

Sectors

Laws & Regulations

Activities & Products
News & Updates
Events
Glossary
About CSRC Expand or Collapse
Computer Security Division
Applied Cybersecurity Division
Contact Us

Information Technology Laboratory

Computer Security Resource Center

Topics Security and Privacy risk management

controls

Share to Facebook Share to X Share to LinkedIn Share ia Email

Related Projects

Cybersecurity Supply Chain Risk Management C-SCRM
Cybersecurity Supply Chain Risk Management (C-SCRM) involves identifying, assessing, and mitigating...

macOS Security APPLE-OS
NIST has traditionally published secure configuration guides for Apple operating systems, e.g., NIST...

Open Security Controls Assessment Language OSCAL
NIST, in collaboration with the industry, is developing the Open Security Controls Assessment...

SP 800-53 Control Overlays for Securing AI Systems COSAiS
Recent Updates January 8, 2026: To facilitate discussion at the Cyber AI Profile Workshop #2...

View All Projects

Related Events

Virtual Event: Learn about the new NIST SP 800-53 Control Overlays for Securing AI Systems Project
September 25, 2025

3rd Open Security Controls Assessment Language (OSCAL) Workshop
March 1, 2022 to March 2, 2022
The National Institute of Standards and Technology hosted on Tuesday, March 1st, and Wednesday,...

NIST RMF Webcast: A Flexible Methodology to Manage Information Security and Privacy Risk
February 28, 2019
WEBCAST ONLY – Registration is not required to view the webcast, but registered viewers will receive...

ISPAB June 2017 Meeting
June 28, 2017 to June 30, 2017
The Information Security and Privacy Advisory Board (ISPAB) met June 28-30, 2017 at American...

ISPAB March 2017 Meeting
March 29, 2017 to March 31, 2017
The Information Security and Privacy Advisory Board (ISPAB) met March 29-31, 2017, at the National...

View All Events

Related News

NIST Webinar: NIST security control overlays for AI systems
September 16, 2025
This webinar presents a new project to develop NIST security control overlays for AI systems. These...

Draft Special Publication 1800-43, Vol. A and C
August 5, 2025
Draft Volumes A and C of NIST SP 1800-43 are open for public comments

NIST Releases the Initial Public Draft of NIST IR 8011 Vol. 1 Rev. 1
February 20, 2025
The NIST Risk Management Framework (RMF) Team has released the initial public draft (ipd) of NIST...

Online Intro Courses for NIST SP 800-53, SP 800-53A, and SP 800-53B
April 10, 2024
NIST has released three self-guided online introductory courses on the NIST Special Publication (SP)...

NIST has released Cybersecurity White Paper (CSWP) 30
December 6, 2023
NIST has released Cybersecurity White Paper (CSWP) 30, Automation Support for Control Assessments –...

View All News

Related Publications

mDL: Digital Identity for Financial Institutions
SP 1800-42 (Initial Public Draft)
March 18, 2026
Draft

Testable Controls and Security Capabilities for Continuous Monitoring: Volume 1
IR 8011 Vol. 1 Rev. 1 (Initial Public Draft)
February 20, 2025
Draft

Implementing a Zero Trust Architecture
SP 1800-35 (Initial Public Draft)
December 4, 2024
Withdrawn

Implementing a Zero Trust Architecture
SP 1800-35 (4th Preliminary Draft)
July 31, 2024
Withdrawn

Mapping Relationships Between Documentary Standards, Regulations, Frameworks, and Guidelines: Developing Cybersecurity and Privacy Concept Mappings
IR 8477
February 2024
Final

View All Publications

Related Presentations

OSCAL Monthly Workshop Series - Event #37: Collaboratively Maturing the OSCAL Control Mapping Model at the OSCAL Foundation
Presentation - July 16, 2025

OSCAL Monthly Workshop Series - Event #34: OSCAL Catalogs: Create Easily and Use Broadly
Presentation - April 16, 2025

OSCAL Mini Workshop Series - Event #32: The OSCAL Implementer's Guide: Strategies, Lessons, and Best Practices
Presentation - February 19, 2025

OSCAL Monthly Workshop Series - Event #31: From One-Size-Fits-All to Right-Sizing: Adapting OSCAL for the Singapore Government’s Tech Standards
Presentation - January 15, 2025

OSCAL Mini Workshop Series - Event #29: Compliance Framework: An OSCAL-based framework for recording and reporting on audit state
Presentation - November 6, 2024

View All Presentations

Used For

tailoring; overlays

Topics

Security and Privacy
Technologies
Applications
Laws and Regulations
Activities and Products
Sectors

Created June 08, 2016, Updated June 22, 2020

HEADQUARTERS
100 Bureau Drive
Gaithersburg, MD 20899

(link is external)
(link is external)
(link is external)
(link is external)
(link is external)
(link is external)

Want updates about CSRC and our publications? Subscribe

Send inquiries to [email protected]

Site Privacy
Accessibility
Privacy Program
Copyrights
Vulnerability Disclosure
No Fear Act Policy
FOIA
Environmental Policy
Scientific Integrity
Information Quality Standards
Commerce.gov
Science.gov
USA.gov
Vote.gov

CS Knowledge Base