# NIST SP 800-53

Security and Privacy Controls for Federal Information Systems and Organizations

# Acronyms, Abbreviations, and Initialisms

| Short Form | Full Form |
|---|---|
| NIST | National Institute of Standards and Technology |
| SP | Special Publication |

# Overview

The primary objective of the NIST SP 800-53 standard is to ensure that appropriate security requirements and security controls are applied to all U.S. federal government information and information management systems.

# Components

Although the NIST Risk Management Framework provides the building blocks of an effective security program, it is aimed at government agencies and focuses on the following key components:

  • 2.1 Multitiered Risk Management
  • 2.2 Security Control Structure
  • 2.3 Security Control Baselines
  • 2.4 Security Control Designations
  • 2.5 External Service Partners
  • 2.6 Assurance and Trustworthiness
  • 2.7 Revisions and Extensions
  • 3.1 Selecting Security Control Baselines
  • 3.2 Tailoring Security Control Baselines
  • 3.3 Creating Overlays
  • 3.4 Document the Control Selection Process
  • 3.5 New Development and Legacy Systems