ISpectra Technologies
Government · Control Catalog

What is NIST 800-53?

The comprehensive catalog of security and privacy controls from NIST that underpins FedRAMP, FISMA and many enterprise programs.

Definition

NIST SP 800-53 is a catalog of security and privacy controls published by the US National Institute of Standards and Technology. It provides a comprehensive, flexible set of controls that organisations select from — using baselines — to protect their information systems and the data within them.

It underpins FISMA compliance for US federal agencies and FedRAMP for cloud providers, and is widely adopted by enterprises as a rigorous control framework. The current release is Revision 5, which integrates privacy and supply-chain controls.

How NIST 800-53 is organised

1

Control families

20 families spanning access control to supply chain.

2

Control baselines

Low, Moderate and High starting points.

3

Tailoring

Adjust the baseline to your risk and mission.

4

Privacy controls

Integrated privacy protections (Rev 5).

5

Overlays

Sector- or purpose-specific control sets.

Who needs to comply?

US federal agencies and their contractors (via FISMA), cloud providers pursuing FedRAMP, and enterprises seeking a rigorous, well-recognised control catalog.

How ISpectra helps

ISpectra helps you adopt NIST 800-53 — selecting and tailoring the right baseline, implementing and documenting controls, and mapping them to FedRAMP, FISMA or your enterprise obligations.

Talk to an advisor