Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cybersecurity Framework

Informative Reference Catalog

This catalog contains Informative References to the Framework. Clicking on the“more details” link within the Informative Reference column in the table below will display the Informative Reference information and links to the Informative Reference spreadsheet. The  Informative Reference submission page describes the submission process for Informative References to be added to this catalog.

Representations and Warranties

Certain commercial entities, equipment, or materials may be identified in this Web site or linked Web sites in order to support Framework understanding and use. Such identification is not intended to imply recommendation or endorsement by NIST, nor is it intended to imply that the entities, materials, or equipment are necessarily the best available for the purpose.

Derived Relationship Mapping

Advanced Search

Informative Reference (ver) Reference Document Posted Date Framework Version Submitting Organization Authority
CIS Critical Security Controls (1.0.0) (More Details) CIS Controls Version 7.1 11/21/19 1.1 Center for Internet Security Owner
COBIT 2019 (1.0.0) (More Details) COBIT 2019 11/13/19 1.1 ISACA Owner
Factor Analysis of Information Risk (FAIR) - Risk Analysis Mapping (1.0.0) (More Details) C13G - OpenFAIR Risk Analysis 11/20/19 1.1 FAIR Institute/OpenGroup Non-Owner
Factor Analysis of Information Risk (FAIR) - Risk Taxonomy Mapping (1.0.0) (More Details) C13K - OpenFAIR Risk Taxonomy 11/20/19 1.1 FAIR Institute/OpenGroup Non-Owner
HITRUST-CSF-v9-2-to-NIST-CSF-v1-1 (1.0.0) (More Details) HITRUST CSF v9.2 11/19/19 1.1 HITRUST Alliance; Standards Owner
ISF Standard of Good Practice for Information Security 2018 Online Informative Reference to the NIST Cybersecurity Framework (1.0.0) (More Details) ISF Standard of Good Practice for Information Security 2018 11/14/19 1.1 Information Security Forum Owner
NIST Cybersecurity Framework Informative Reference for 800-171 Rev. 1 (1.0.0) (More Details) Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations 11/13/19 1.1 NIST Owner
Created May 24, 2016, Updated December 02, 2019