NIST Risk Management Framework RMF
News and Updates
NIST has released Cybersecurity White Paper (CSWP) 30
December 6, 2023
NIST has released Cybersecurity White Paper (CSWP) 30, Automation Support for Control Assessments – Project Update and Vision, which describes planned updates to the NIST Interagency Report (IR) 8011 series.
NISTIR 8212: ISCM Program Assessment and Tool
March 31, 2021
NIST has published NISTIR 8212, "An Information Security Continuous Monitoring Program Assessment," and the ISCMAx tool that implements the ISCM program assessment described in SP 800-137A.
NIST Publishes SP 800-172
February 2, 2021
NIST announces the release of Special Publication (SP) 800-172, "Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST Special Publication 800-171"
Updates to SP 800-53 Rev 5 and 800-53B
December 10, 2020
NIST has issued supplemental materials and errata updates for both SP 800-53 Rev. 5 and SP 800-53B, which were originally published in September 2020. New materials include control mappings and control comparisons.
SP 800-53 Revision 5 Published
September 23, 2020
NIST Special Publication (SP) 800-53 Revision 5, "Security and Privacy Controls for Information Systems and Organizations," represents a multi-year effort to develop the next generation of controls needed to strengthen and...
Control Baselines: Draft SP 800-53B
July 31, 2020
NIST has released Draft SP 800-53B, "Control Baselines for Information Systems and Organizations," for public comment. The comment period is open through September 11, 2020.
Assessing ISCM Programs: NIST SP 800-137A
May 21, 2020
NIST has published Special Publication (SP) 800-137A, "Assessing Information Security Continuous Monitoring (ISCM) Programs: Developing an ISCM Program Assessment."
NIST Publishes NISTIR 8011 Vol. 4
April 28, 2020
NIST has published Volume 4 of NISTIR 8011: "Automation Support for Security Control Assessments: Software Vulnerability Management."
NIST Releases FPD SP 800-53 Rev. 5
March 16, 2020
NIST has released the Final Public Draft of Special Publication (SP) 800-53 Revision 5, "Security and Privacy Controls for Information Systems and Organizations," for public comment. Comments are due by May 29, 2020.
Assessing ISCM Programs: NIST Releases Draft SP 800-137A
January 13, 2020
NIST has released Draft Special Publication (SP) 800-137A, "Assessing Information Security Continuous Monitoring (ISCM) Programs: Developing an ISCM Program Assessment." Public comments are due by February 28, 2020.
NIST Releases Draft NISTIR 8011 Vol. 4 for Comment
November 20, 2019
NIST has released Draft NISTIR 8011 Volume 4, "Automation Support for Security Control Assessments: Software Vulnerability Management," for public comment. The comment period ends December 20, 2019.
NIST Updates SP 800-128
October 15, 2019
NIST has updated Special Publication (SP) 800-128, "Guide for Security-Focused Configuration Management of Information Systems"
Withdrawal of SP 800-64 Rev. 2
May 31, 2019
NIST has withdrawn Special Publication 800-64 Revision 2, "Security Considerations in the System Development Life Cycle."
Project Links
Additional Pages
Created November 30, 2016, Updated September 24, 2024