The Online Informative Reference Catalog contains all the Reference Data—Informative References and Derived Relationship Mappings (DRMs)—for the National Online Informative References (OLIR) Program. All Reference Data in the Informative Reference Catalog has been validated against the requirements of NIST Interagency Report (IR) 8278A, National Online Informative References (OLIR) Program: Submission Guidance for OLIR Developers. If interested in participating in the OLIR program, please refer to the Informative Reference submission page.
The OLIR Catalog provides an interface for Developers and Users to view Informative References and analyze Reference Data. The Catalog includes links to draft content that is being evaluated during a 30-day public comment period and final versions that have completed the public comment period.
For more information on the National Online Informative References (OLIR) Program, refer to NISTIR 8278, National Online Informative References (OLIR) Program: Program Overview and OLIR Uses which describes the OLIR Program, focusing on explaining what OLIRs are, how they can be beneficial, and how subject matter experts can contribute OLIRs.
The status field is used to indicate the level of completion an OLIR is currently in. The following is a description of each stage of completion and what each stage represents, for more information, please see the status FAQ:
Status | Definition |
---|---|
Work-in-progress | The document is currently under development. This draft is not yet complete, and organizations should not attempt to implement it. |
Preliminary Draft | The content is considered to be stable, but changes are expected to occur. There are gaps in the content and the overall document is still incomplete. |
Draft | The document represents a complete draft. Early adopters may attempt to implement the guidelines in a test or development environment. |
Final | The document is final. Relevant content will continue to be linked from or hosted on csrc.nist.gov or nccoe.nist.gov, as appropriate. |
Final | NIST_IoT_Labelling_Eurofins_SCD_Logo_OLIR (1.0.0) (More Details) | EIOTS-2011 Secure Connected Devices Logo Requirements 01.001 | 06/06/22 | Consumer IoT | Eurofins Cyber Security | Owner | Private Sector |
Final | HITRUST-CSF-v9-6-0-to-NIST-CSF-v1-1 (1.0.0) (More Details) | HITRUST CSF v9.6 | 04/19/22 | Cybersecurity Framework v1.1 | HITRUST Alliance; Standards | Owner | Private Sector |
Work-in-Progress Draft | NISTIR-8374-Ransomware-Profile-to-CSF-v1.1 (1.0.0) (More Details) | NISTIR 8374 Ransomware Risk Management: A Cybersecurity Framework Profile | 02/28/22 | Cybersecurity Framework v1.1 | National Institute of Standards and Technology | Owner | Public Sector |
Final | Framework-v1.1-to-800-53-Rev5 (1.0.0) (More Details) | Framework for Improving Critical Infrastructure Cybersecurity Version 1.1 | 02/02/22 | 800-53 Rev. 5 | National Institute of Standards and Technology | Owner | Public Sector |
Final | NISTIR-8286A-to-CSF-v1-1 (1.0.0) (More Details) | Identifying and Estimating Cybersecurity Risk for Enterprise Risk Management | 01/13/22 | Cybersecurity Framework v1.1 | National Institute of Standards and Technology | Owner | Public Sector |
Work-in-Progress Draft | NISTIR-8286B-to-CSF-v1-1 (1.0.0) (More Details) | Identifying and Estimating Cybersecurity Risk for Enterprise Risk Management | 01/13/22 | Cybersecurity Framework v1.1 | National Institute of Standards and Technology | Owner | Public Sector |
Final | SP-800-213A-v1.0-to-Cybersecurity-Framework-v1.1 (1.0.0) (More Details) | IoT Device Cybersecurity Guidance for the Federal Government: IoT Device Cybersecurity Requirement Catalog | 01/10/22 | Cybersecurity Framework v1.1 | NIST | Owner | Public Sector |
Final | SP-800-213A-v1.0-to-SP-800-53r5 (1.0.0) (More Details) | IoT Device Cybersecurity Guidance for the Federal Government: IoT Device Cybersecurity Requirement Catalog | 01/10/22 | 800-53 Rev. 5 | NIST | Owner | Public Sector |
Final | SP800-37-Rev-2-to-Framework-v1.1 (1.0.0) (More Details) | NIST Special Publication 800-37 Revision 2 | 11/23/21 | Cybersecurity Framework v1.1 | National Institute of Standards and Technology | Owner | Public Sector |
Final | NISTIR_8259A_Eurofins_SCD_Logo_OLIR (1.1.0) (More Details) | EIOTS-2011 Secure Connected Devices Logo Requirements 01.001 | 11/10/21 | IoT Device Cybersecurity Capability Core Baseline | Eurofins Cyber Security | Owner | Private Sector |
Certain commercial entities, equipment, or materials may be identified in this Web site or linked Web sites in order to support OLIR understanding and use. Such identification is not intended to imply recommendation or endorsement by NIST, nor is it intended to imply that the entities, materials, or equipment are necessarily the best available for the purpose.