[WEBINAR] The New Normal: Dealing with the Reality of an Unsecure World

NIST 800-53

Definition - What does NIST 800-53 mean?

NIST 800-53 is a publication that recommends security controls for federal information systems and organizations and documents security controls for all federal information systems, except those designed for national security.

NIST 800-53 is published by the National Institute of Standards and Technology, which creates and promotes the standards used by federal agencies to implement the Federal Information Security Management Act (FISMA) and manage other programs designed to protect information and promote information security. Agencies are expected to meet NIST guidelines and standards within one year of publication.

NIST 800-53 is also known as NIST Special Publication 800-53.

Techopedia explains NIST 800-53

NIST 800-53 subdivides security controls into common, custom and hybrid categories. Common controls are those often used throughout an organization. Custom controls are those intended to be used by an individual application or device. Hybrid controls start with a standard control and are customized per the requirements of a particular device or application.

NIST SP 800-53 is actually a part of the Special Publication 800-series, which reports on the following:
  • Information Technology Laboratory (ITL) guidelines, research and outreach initiatives in information system security
  • ITL’s actions with academic, industry and government organizations
NIST Special Publication 800-53 includes the procedures in the Risk Management Framework, which deal with security-control selection for federal information systems per the security requirements in Federal Information Processing Standard (FIPS) 200. This consists of the selection of a primary set of baseline security controls in accordance with a FIPS 199 worst-case impact analysis, creating standard security controls, as well as adding the security controls in line with an organizational risk assessment. The security rules cover 17 areas, including incident response, access control, ability for disaster recovery and business continuity.

Techopedia Deals

Connect with us

Techopedia on Linkedin
Techopedia on Linkedin
"Techopedia" on Twitter

Sign up for Techopedia's Free Newsletter!

Email Newsletter

Join thousands of others with our weekly newsletter

Free Whitepaper: The Path to Hybrid Cloud
Free Whitepaper: The Path to Hybrid Cloud:
The Path to Hybrid Cloud: Intelligent Bursting To Amazon Web Services & Microsoft Azure
Free E-Book: Public Cloud Guide
Free E-Book: Public Cloud Guide:
This white paper is for leaders of Operations, Engineering, or Infrastructure teams who are creating or executing an IT roadmap.
Free Tool: Virtual Health Monitor
Free Tool: Virtual Health Monitor:
Virtual Health Monitor is a free virtualization monitoring and reporting tool for VMware, Hyper-V, RHEV, and XenServer environments.
Free 30 Day Trial – Turbonomic
Free 30 Day Trial – Turbonomic:
Turbonomic delivers an autonomic platform where virtual and cloud environments self-manage in real-time to assure application performance.