Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST IR 7358

Program Review for Information Security Management Assistance (PRISMA)

Date Published: January 2007

Planning Note (07/12/2023):

The Program Review for Information Security Assistance (PRISMA) project was last updated in 2007; NISTIR 7358 and the corresponding PRISMA tool continue to serve as useful resources for high-level guidance and as a general framework, but may not be fully consistent with changes to requirements, standards and guidelines for securing systems. The PRISMA project is being incorporated into the NIST Cybersecurity Risk Analytics and Measurement project and research to support updates will begin in FY24.

For questions or comments regarding the NIST Cybersecurity Risk Analytics and Measurement project, please contact


Pauline Bowen (NIST), Richard Kissel (NIST)



inspections; maturity level; PRISMA; security issues; security reviews; evaluation; action plan
Control Families

Audit and Accountability; Assessment, Authorization and Monitoring; Planning


Download URL

Supplemental Material:
None available

Document History:
01/01/07: IR 7358 (Final)