NIST 800-53 is a collection of Recommended Security Controls for Federal Information Systems and Organizations. These guidelines are relevant to any systems that stores, processes, or transmits any federal information.
The following areas are covered by the NIST 800-53 guidelines:
- Access Control
- Audit and Accountability
- Awareness and Training
- Configuration Management
- Contingency Planning
- Identification and Authentication
- Incident Response
- Maintenance
- Media Protection
- Personnel Security
- Physical and Environmental Protection
- Planning
- Program Management
- Risk Assessment
- Security Assessment and Authorization
- System and Communications Protection
- System and Information Integrity
- System and Services Acquisition