NIST Offers âQuick-Startâ Guide for Its Security and Privacy Safeguards Catalog
NIST is comparing this new tool to a “quick-start guide” because it helps users get going with Special Publication (SP) 800-53, which NIST updated to Revision 5 last month after a multiyear effort. SP 800-53 is a comprehensive catalog of safeguards — referred to as controls — that address specific weaknesses in an organization or information system. The new companion guide, NIST SP 800-53B, can help an organization select the baseline, or group of safeguards, from the catalog that is appropriate for the risk level and threats the organization faces.
While NIST guidelines are nonregulatory, FISMA and OMB Circular A-130 require implementation of a minimum set of controls selected from SP 800-53 to protect federal information and information systems. The security and privacy control baselines will most likely have far-reaching effects, as many organizations interact with the federal government.