U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

White Paper (Draft)

Planning for a Zero Trust Architecture: A Starting Guide for Administrators

Date Published: August 4, 2021
Comments Due: September 3, 2021 (public comment period is CLOSED)
Email Questions to: zerotrust-arch@nist.gov

Author(s)

Scott Rose (NIST)

Announcement

This draft white paper provides a high-level overview of the NIST Risk Management Framework (NIST RMF) and how it can help in developing and implementing a zero trust architecture.

Zero trust is a set of cybersecurity principles used by stakeholders to plan and implement an enterprise architecture. Since some of these stakeholders may not be familiar with risk analysis and management, the NIST RMF provides a common set of concepts and tasks to both security planners and system operators.

Abstract

Keywords

architecture; information technology; risk; zero trust
Control Families

None selected

Documentation

Publication:
White Paper (DOI)

Supplemental Material:
Local Download (pdf)

Document History:
08/04/21: White Paper (Draft)

Topics

Security and Privacy
planning; risk management; zero trust

Technologies
networks

Applications
enterprise