Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

NISTIR 8278(Draft)

National Cybersecurity Online Informative References (OLIR) Program: Guidelines for OLIR Users and Developers

Date Published: January 2020
Comments Due: February 24, 2020 (public comment period is CLOSED)
Email Questions to:


Nicole Keller (NIST), Stephen Quinn (NIST), Karen Scarfone (Scarfone Cybersecurity), Matthew Smith (Huntington Ingalls Industries), Vincent Johnson (Electrosoft Services)


In a general sense, an informative reference indicates how one document relates to another document. The National Cybersecurity Online Informative References (OLIR) Program is a NIST effort to facilitate subject matter experts defining standardized online informative references (OLIRs) between elements of their documents and elements of other documents like the NIST Cybersecurity Framework. The OLIR Program provides a standard format for expressing OLIRs and a centralized location for hosting them. 

This draft report describes the OLIR Program, focusing on explaining what OLIRs are and what benefits they provide, how anyone can search and access OLIRs, and how subject matter experts can contribute OLIRs.

NOTE: A call for patent claims is included on page iv of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.



catalog; Cybersecurity Framework; informative references; mapping; Online Informative References (OLIRs)
Control Families

None selected