NIST revises security and privacy control assessment methods

By Prayukth K V
January 28, 2022
NIST revises security and privacy control assessment methods

The NIST (National Institute of Standards and Technology) has announced the release of a new Special Publication revision to verify the veracity of the implementation of security and privacy controls. Special Publication (SP) 800-53A Revision 5 includes updates that correspond to the security and privacy controls mentioned in SP 800-53. Primarily this revision provides a methodology and a set of assessment procedures to ensure (with verification) that the controls implemented meet all objectives and are attuned to achieve stated privacy and security outcomes of an organization.

The NIST SP 800-53A assessment procedures offer a framework and an initiation point for assessing controls that can be customized to meet the needs of organizations and assessors. It enables the assessment of security and privacy controls within an effective and well-defined risk management framework.

NIST SP 800-53A also:

  • Introduces a new model for varied assessment procedures to better support the use of automated tools
  • Strives to improve the efficiency of control assessments
  • Supports continuous monitoring of existing authorization programs
  • Is oriented towards helping organizations understand their specific needs around controls and implement them accordingly
  • Addresses newly updated privacy and supply chain risk management controls

To enable organizations to use, the assessment procedures with ease, they have been published by NIST in multiple data formats. These include comma-separated values (CSV), plain text, and Open Security Controls Assessment Language (OSCAL). All of these are accessible on NIST’s publication details page and in the OSCAL Content Git Repository.

Learn about easy to deploy compliance kits to help your regulatory compliance initiatives.   

Sectrio is offering its threat intelligence feeds for trial for free for 15 days. Our feeds work with the best SIEM solutions out there and meet all the parameters listed above. To access our threat intelligence feeds for free, sign up now.

Talk to our cybersecurity experts to learn how Sectrio’s IoT security solution and threat intelligence can help your business

See how our OT-IoT-IT security solution can handle such threats to your enterprise. Book a no-obligation demo. 

Improve your cybersecurity through OT and IoT focused threat intelligence feeds free for 15 days

Get access to enriched IoT-focused cyber threat intelligence for free for 15 days  

OT and IoT Security standards and Best Practices for CISO's

Download our CISO IoT and OT security handbook  

Access our latest Global Threat Landscape report  

Key Points

Get the latest news and insights beamed directly to you


    Share

    Key Points

    Get the latest news and insights beamed directly to you


      Share

      NIST revises security and privacy control assessment methods

      Read More

      Protecting your critical assets is only a few steps away

      Scroll to Top