Risk Management Framework

NIST 800-53

NIST 800-53 was created by the National Institute of Standards and Technology (NIST) and outlines guidelines for privacy and cybersecurity for federal IT. Although it was created for federal information systems, this Risk Management Framework provides core guidance to other compliance frameworks.

Framework Summary

Although NIST 800-53 contains many controls, they are broken down into 18 different groups. According to the latest update of NIST 800-53, these control groups are:

  1. Access Control
  2. Audit and Accountability
  3. Awareness and Training
  4. Configuration Management
  5. Contingency Planning
  6. Identification and Authentication
  7. Incident Response
  8. Maintenance
  9. Media Protection
  10. Personnel Security
  11. Physical and Environmental Protection
  12. Planning
  13. Program Management
  14. Risk Assessment
  15. Security Assessment and Authorization
  16. System and Communications Protection
  17. System and Information Integrity
  18. System and Services Acquisition
