
NIST SP 800-53

NIST · FedRAMP · FISMA

NIST catalogue of 1000+ security and privacy controls for federal information systems (Rev 5).

NIST Special Publication 800-53 Rev 5 is the catalogue of security and privacy controls for federal information systems and organisations. Controls are organised into 20 families (e.g. AC, AU, SC, SI) and tailored to system impact levels (Low, Moderate, High) per FIPS 199.

Why it matters
800-53 is the control baseline for FedRAMP, FISMA, and most US federal contracts. Any cloud product sold to civilian agencies must map controls to 800-53.

Related terms

FedRAMP
Standardised US government program for cloud-service authorisation, based on NIST 800-53.
FISMA
US law requiring federal agencies (and their contractors) to implement an information-security program based on NIST standards.
NIST CSF
Voluntary NIST framework organising cybersecurity outcomes into six Functions: Govern, Identify, Protect, Detect, Respond, Recover.
