SP 1314 |
NIST Risk Management Framework (RMF) Small Enterprise Quick Start Guide: A Comprehensive, Flexible, Risk-Based Approach to Managing Information Security and Privacy Risk |
Final |
07/23/2024 |
SP 800-60 Rev. 2 |
Guide for Mapping Types of Information and Systems to Security Categories |
Draft |
01/31/2024 |
CSWP 30 |
Automation Support for Control Assessments: Project Update and Vision |
Final |
12/06/2023 |
SP 800-53A Rev. 5 |
Assessing Security and Privacy Controls in Information Systems and Organizations |
Final |
01/25/2022 |
SP 800-47 Rev. 1 |
Managing the Security of Information Exchanges |
Final |
07/20/2021 |
IR 8212 |
ISCMA: An Information Security Continuous Monitoring Program Assessment |
Final |
03/31/2021 |
SP 800-53 Rev. 5 |
Security and Privacy Controls for Information Systems and Organizations |
Final |
12/10/2020 |
SP 800-53B |
Control Baselines for Information Systems and Organizations |
Final |
12/10/2020 |
SP 800-137A |
Assessing Information Security Continuous Monitoring (ISCM) Programs: Developing an ISCM Program Assessment |
Final |
05/21/2020 |
IR 8011 Vol. 4 |
Automation Support for Security Control Assessments: Software Vulnerability Management |
Final |
04/28/2020 |
SP 800-160 Vol. 2 |
Developing Cyber Resilient Systems: A Systems Security Engineering Approach |
Withdrawn |
11/27/2019 |
SP 800-128 |
Guide for Security-Focused Configuration Management of Information Systems |
Final |
10/10/2019 |
SP 800-37 Rev. 2 |
Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy |
Final |
12/20/2018 |
IR 8011 Vol. 3 |
Automation Support for Security Control Assessments: Software Asset Management |
Final |
12/06/2018 |
SP 800-12 Rev. 1 |
An Introduction to Information Security |
Final |
06/22/2017 |
IR 8011 Vol. 1 |
Automation Support for Security Control Assessments: Volume 1: Overview |
Final |
06/06/2017 |
IR 8011 Vol. 2 |
Automation Support for Security Control Assessments: Volume 2: Hardware Asset Management |
Final |
06/06/2017 |
IR 8023 |
Risk Management for Replication Devices |
Final |
02/23/2015 |
SP 800-53 Rev. 4 |
Security and Privacy Controls for Federal Information Systems and Organizations |
Withdrawn |
01/22/2015 |
SP 800-53A Rev. 4 |
Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans |
Withdrawn |
12/18/2014 |
SP 800-30 Rev. 1 |
Guide for Conducting Risk Assessments |
Final |
09/17/2012 |
SP 800-137 |
Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations |
Final |
09/30/2011 |
SP 800-39 |
Managing Information Security Risk: Organization, Mission, and Information System View |
Final |
03/01/2011 |
SP 800-60 Vol. 1 Rev. 1 |
Guide for Mapping Types of Information and Information Systems to Security Categories |
Final |
08/01/2008 |
SP 800-60 Vol. 2 Rev. 1 |
Guide for Mapping Types of Information and Information Systems to Security Categories: Appendices |
Final |
08/01/2008 |
FIPS 200 |
Minimum Security Requirements for Federal Information and Information Systems |
Final |
03/01/2006 |
SP 800-18 Rev. 1 |
Guide for Developing Security Plans for Federal Information Systems |
Final |
02/24/2006 |
FIPS 199 |
Standards for Security Categorization of Federal Information and Information Systems |
Final |
02/01/2004 |
SP 800-59 |
Guideline for Identifying an Information System as a National Security System |
Final |
08/20/2003 |