NIST SP 800-53 Rev 4.0 Quick Reference Guide
Downloadable Control Checklist for NIST 800-53 Revision 4
The changes are directly linked to the current state of the threat space (i.e., capabilities, intentions and targeting activities of adversaries) and attack data collected and analyzed over a substantial time period.
The major changes in Revision 4 include:
- New security controls and control enhancements
- Clarification of security control requirements and specification language
- New tailoring guidance including the introduction of overlays
- Additional supplemental guidance for security controls and enhancements
- New privacy controls and implementation guidance
- Updated security control baselines
- New summary tables for security controls to facilitate ease-of-use
- Revised minimum assurance requirements and designated assurance controls.
NIST’s objectives, addressed in this version, are to provide near real-time risk management and the ability to design, develop and implement effective continuous monitoring programs, which depend, first and foremost, on the organization’s ability to develop a strong information technology infrastructure.
This means building stronger, more resilient information systems using system components with sufficient security capability to protect core missions and business functions. The security and privacy controls in this publication, along with the flexibility inherent in the implementation guidance, provide the requisite tools to implement effective, risk-based cyber security programs that address the most sophisticated threats on the horizon.
TalaTek’s team of experts has deep expertise working with federal agencies and other public-sector clients and can assist with any aspect of the NIST recommendations in this update, including continuous monitoring and risk management services. For more details, visit our Services page.