Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST SP 800-184 (Initial Public Draft)

Guide for Cybersecurity Event Recovery

Date Published: June 2016
Comments Due: July 11, 2016 (public comment period is CLOSED)
Email Questions to:


Michael Bartock (NIST), Jeffrey Cichonski (NIST), Murugiah Souppaya (NIST), Matthew Smith (G2), Gregory Witte (G2), Karen Scarfone (Scarfone Cybersecurity)


NIST Draft Special Publication 800-184, Guide for Cybersecurity Event Recovery, is available for public comment. The purpose of this document is to support federal agencies in a technology-neutral way in improving their cyber event recovery plans, processes, and procedures. This publication provides tactical and strategic guidance regarding the planning, playbook developing, testing, and improvement of recovery planning. It also provides an example scenario that demonstrates guidance and informative metrics that may be helpful for improving resilience of the information systems.

A template for submitting comments is provided below.



cybersecurity; Cybersecurity Framework (CSF); Cybersecurity National Action Plan (CNAP); Cybersecurity Strategy and Implementation Plan (CSIP); metrics; planning; recovery; cyber event; resilience
Control Families

Access Control; Awareness and Training; Assessment, Authorization and Monitoring; Contingency Planning; Incident Response; Planning; Program Management; Risk Assessment; System and Communications Protection; System and Information Integrity