U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

overlay

Abbreviation(s) and Synonym(s):

Definition(s):

  A specification of security controls, control enhancements, supplemental guidance, and other supporting information employed during the tailoring process, that is intended to complement (and further refine) security control baselines. The overlay specification may be more stringent or less stringent than the original security control baseline specification and can be applied to multiple information systems.
Source(s):
CNSSI 4009-2015 from NIST SP 800-53 Rev. 4
NIST SP 800-53 Rev. 4 [Superseded] under Overlay

  A set of security controls, control enhancements, supplemental guidance, and other supporting information, that is intended to complement (and further refine) security control baselines to provide greater ability to appropriately tailor security requirements for specific technologies or product groups, circumstances and conditions, and/or operational environments. The overlay specification may be more stringent or less stringent than the original security control baseline specification and can be applied to multiple information systems.
Source(s):
NIST SP 800-161 under Overlay from NIST SP 800-53 Rev. 4 - Adapted

  A specification of security or privacy controls, control enhancements, supplemental guidance, and other supporting information employed during the tailoring process, that is intended to complement (and further refine) security control baselines. The overlay specification may be more stringent or less stringent than the original security control baseline specification and can be applied to multiple information systems.
Source(s):
NIST SP 800-37 Rev. 2

  A specification of security or privacy controls, control enhancements, supplemental guidance, and other supporting information employed during the tailoring process, that is intended to complement (and further refine) security control baselines. The overlay specification may be more stringent or less stringent than the original security control baseline specification and can be applied to multiple information systems. See tailoring.
Source(s):
NIST SP 800-53 Rev. 5 from OMB Circular A-130 (2016)
NIST SP 800-53B from OMB Circular A-130 (2016)

  A fully specified set of security controls, control enhancements, and supplemental guidance derived from tailoring a security baseline to fit the user’s specific environment and mission.
Source(s):
NISTIR 8183 under Overlay from NIST SP 800-53
NISTIR 8183 Rev. 1 under Overlay from NIST SP 800-53 Rev. 4

  See Overlay.
Source(s):
NIST SP 800-53 Rev. 4 [Superseded] under Security Control Overlay