Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

Security Control Overlay

Abbreviation(s) and Synonym(s):

Overlay

Definition(s):

  A specification of security controls, control enhancements, supplemental guidance, and other supporting information employed during the tailoring process, that is intended to complement (and further refine) security control baselines. The overlay specification may be more stringent or less stringent than the original security control baseline specification and can be applied to multiple information systems.
Source(s):
NIST SP 800-53 Rev. 4 under Overlay

  See Overlay.
Source(s):
NIST SP 800-53 Rev. 4

  A set of security controls, control enhancements, supplemental guidance, and other supporting information, that is intended to complement (and further refine) security control baselines to provide greater ability to appropriately tailor security requirements for specific technologies or product groups, circumstances and conditions, and/or operational environments. The overlay specification may be more stringent or less stringent than the original security control baseline specification and can be applied to multiple information systems.
Source(s):
NIST SP 800-161 under Overlay (NIST SP 800-53 Rev. 4 - Adapted)

  A fully specified set of security controls, control enhancements, and supplemental guidance derived from tailoring a security baseline to fit the user’s specific environment and mission.
Source(s):
NISTIR 8183 under Overlay (NIST SP 800-53)