The NIST (National Institute of Standards and Technology) has announced the release of a new Special Publication revision to verify the veracity of the implementation of security and privacy controls. Special Publication (SP) 800-53A Revision 5 includes updates that correspond to the security and privacy controls mentioned in SP 800-53. Primarily this revision provides a methodology and a set of assessment procedures to ensure (with verification) that the controls implemented meet all objectives and are attuned to achieve stated privacy and security outcomes of an organization.
The NIST SP 800-53A assessment procedures offer a framework and an initiation point for assessing controls that can be customized to meet the needs of organizations and assessors. It enables the assessment of security and privacy controls within an effective and well-defined risk management framework.
NIST SP 800-53A also:
- Introduces a new model for varied assessment procedures to better support the use of automated tools
- Strives to improve the efficiency of control assessments
- Supports continuous monitoring of existing authorization programs
- Is oriented towards helping organizations understand their specific needs around controls and implement them accordingly
- Addresses newly updated privacy and supply chain risk management controls
To enable organizations to use, the assessment procedures with ease, they have been published by NIST in multiple data formats. These include comma-separated values (CSV), plain text, and Open Security Controls Assessment Language (OSCAL). All of these are accessible on NIST’s publication details page and in the OSCAL Content Git Repository.
Learn about easy to deploy compliance kits to help your regulatory compliance initiatives.
Sectrio is offering its threat intelligence feeds for trial for free for 15 days. Our feeds work with the best SIEM solutions out there and meet all the parameters listed above. To access our threat intelligence feeds for free, sign up now.
Talk to our cybersecurity experts to learn how Sectrio’s IoT security solution and threat intelligence can help your business