Date Published: November 2016 (updated 3/21/2018)
Supersedes:
SP 800-160 (01/03/2018)
Planning Note (07/14/2020):
A supplement to Appendix D is now available. Also see NIST's Systems Security Engineering (SSE) Project.
Access Control; Awareness and Training; Audit and Accountability; Assessment, Authorization and Monitoring; Configuration Management; Contingency Planning; Identification and Authentication; Incident Response; Maintenance; Media Protection; Physical and Environmental Protection; Planning; Program Management; Personnel Security; Risk Assessment; System and Services Acquisition; System and Communications Protection; System and Information Integrity
Publication:
https://doi.org/10.6028/NIST.SP.800-160v1
Download URL
Supplemental Material:
Appendix D Supplement (xlsx)
Systems Security Engineering (SSE) Project
"Rethinking Cybersecurity from the Inside Out" (blog post)
Publication Parts:
SP 800-160 Vol. 2
Related NIST Publications:
Document History:
03/21/18: SP 800-160 Vol. 1 (Final)