Date Published: August 2020
Comments Due:
Email Questions to:
Planning Note (08/04/2020):
NIST is seeking public comments on two draft NISTIRs for the National Cybersecurity Online Informative References (OLIR) Program. This Program is a NIST effort to facilitate subject matter experts in defining standardized Online Informative References (OLIRs), which are relationships between elements of their documents and elements of other documents like the NIST Cybersecurity Framework. The draft reports focus on 1) OLIR program overview and uses (NISTIR 8278), and 2) submission guidance for OLIR developers (NISTIR 8278A).
Draft (2nd) NISTIR 8278 describes the OLIR Program: what OLIRs are, what benefits they provide, how anyone can search and access OLIRs, and how subject matter experts can contribute OLIRs. Based on feedback received from early adopters as well as discussions at the December 2019 OLIR workshop, this second draft includes:
- The introduction of two new Focal Document Templates:
- Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management v1.0, and
- Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations
- New functional enhancements to the OLIR Catalog and Derived Relationships Mapping (DRM) display tool
NOTE: A call for patent claims is included on page iv of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.
Author(s)
Nicole Keller (NIST), Stephen Quinn (NIST), Karen Scarfone (Scarfone Cybersecurity), Matthew Smith (Huntington Ingalls Industries), Vincent Johnson (Electrosoft Services)
Announcement
The National Cybersecurity Online Informative References (OLIR) Program is a NIST effort to facilitate subject matter experts in defining standardized Online Informative References (OLIRs), which are relationships between elements of their documents and elements of other documents like the NIST Cybersecurity Framework. The OLIR Program provides a standard format for expressing OLIRs as well as a centralized location for displaying them. This report describes the OLIR Program, focusing on explaining what OLIRs are, what benefits they provide, how anyone can search and access OLIRs, and how subject matter experts can contribute OLIRs.
The National Cybersecurity Online Informative References (OLIR) Program is a NIST effort to facilitate subject matter experts in defining standardized Online Informative References (OLIRs), which are relationships between elements of their documents and elements of other documents like the NIST...
See full abstract
The National Cybersecurity Online Informative References (OLIR) Program is a NIST effort to facilitate subject matter experts in defining standardized Online Informative References (OLIRs), which are relationships between elements of their documents and elements of other documents like the NIST Cybersecurity Framework. The OLIR Program provides a standard format for expressing OLIRs as well as a centralized location for displaying them. This report describes the OLIR Program, focusing on explaining what OLIRs are, what benefits they provide, how anyone can search and access OLIRs, and how subject matter experts can contribute OLIRs.
Hide full abstract
Keywords
catalog; Cybersecurity Framework; informative references; mapping; National Cybersecurity OLIR Program; Online Informative References (OLIRs)
Control Families
None selected
