U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Online Informative References Program OLIR

OLIR Focal Document Templates

The below table provides all National Online Informative Reference (OLIR) Program Focal Documents in multiple downloadable formats (.XLSX, JSON, & .CSV).

If you would like to participate in the OLIR Program please consult NISTIR 8278A, National Online Informative References (OLIR) Program: Submission Guidance for OLIR Developers and become familiar with the requirements procedures. Developers of Informative References considering a submission are welcome to contact NIST with questions before completing the entire Informative Reference submission package. Questions and draft Informative Reference documents may be directed to olir@nist.gov

OLIR Focal Document

Excel Format JSON Format CSV Format
Cybersecurity Framework v1.1 .xlsx JSON Details | Elements
Privacy Framework v1 .xlsx JSON Details | Elements
800-53 Rev. 4 .xlsx JSON Details | Elements
800-53 Rev. 5 .xlsx JSON Details | Elements

NISTIR 8259A: IoT Device Cybersecurity
Capability Core Baseline

.xlsx JSON Details | Elements
NISTIR 8259B: IoT Non-Technical Supporting Capability Core Baseline .xlsx JSON Details | Elements
800-171 Rev. 2 .xlsx JSON Details | Elements
Secure Software Development Framework (SSDF) Version 1.1 .xlsx JSON Details | Elements
NIST SP 800-213A IoT Device Cybersecurity Guidance for the Federal Government: IoT Device Cybersecurity Requirement Catalog .xlsx JSON Details | Elements
NISTIR 8425: Profile of the IoT Core Baseline for Consumer IoT Products .xlsx JSON Details  Elements
SP 800-181: National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework (2017) .xlsx JSON Details | Elements
SP 800-221A: Information and Communications Technology (ICT) Risk Outcomes: A Framework for Integrating ICT Risk Management Programs with the Enterprise Risk Portfolio .xlsx JSON Details | Elements

Created September 08, 2020, Updated May 30, 2023