What is NIST 800-53?
The National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 provides guidance for the selection of security and privacy controls for federal information systems and organizations. Revision 4 is the most comprehensive update since the initial publication. This update
was motivated principally by the expanding threat space and increasing sophistication of cyber attacks. Major changes include new security controls and control enhancements to address advanced persistent threats (APTs), insider threats, and system assurance; as well as technology trends such as
mobile and cloud computing.
Designed to Protect Federal Information Systems
Federal Information Processing Standards (FIPS) are developed by NIST in accordance with FISMA. Since FISMA requires that federal agencies comply with these standards, they must do so. Guidance documents and recommendations are issued in the NIST Special Publication (SP) 800 series. Office of Management and Budget (OMB) policies state that for other than national security programs and systems, agencies must follow NIST guidance.
NIST 800-53 rev4 has become the gold standard in information security frameworks
NIST 800-53 rev4 has become the defacto gold standard in security. It is by far the most rebost and perscriptive set of security standards to follow, and as a result, systems that are certifed as compliant against NIST 800-53 are also considered the most secure.
NIST 800-53 vs NIST 800-53A – The A is for Audit (or Assessment)
NIST 800-53A rev4 provides the assessment and audit procedures necessary to test information systems against the security controls outlined in NIST 800-53, revision 4.
The procedures are customizable and can be easily tailored to provide organizations with the needed flexibility to conduct security control assessments and privacy control assessments that support organizational risk management processes and that are aligned with the stated risk tolerance of the organization.
Download NIST 800-53A Audit and Assessment Checklist in XLS / CSV format
All copyrights for this article are reserved to Inet-search