NIST SP 800-53 Now Available on Whistic

January 18, 2021

NIST 800-53 is a set of guidelines designed to make it easier for federal agencies and contractors to meet the requirements imposed by the Federal Information Security Management Act, or FISMA.

Rev.5, which was released mid-2020 brings with it a new emphasis on privacy, expanded security controls, and changes to control categories:

  • Outcome-based (as opposed to impact-based) controls.
  • New emphasis on privacy: integration of privacy controls with security controls, and better integration with cybersecurity/risk management.
  • Separation of control selection from actual controls.
  • New controls based on threat intelligence.

NIST SP 800-53 provides an exhaustive catalog of controls designed to make systems more resilient. These controls are fully operational and technical and designed to create management safeguards that can then be used by various information systems. The standard seeks to promote integrity, confidentiality, availability, and security of information systems.

NIST SP 800-53 does this by defining 18 different sections of what it calls the NIST SP 800-53 security control family

To learn more about the latest version of SP 800-53, view the draft on NIST’s website.


Email us to learn more about how Whistic or our Partners can help with NIST Assessments.

standards nist

About the author


The latest insights and updates on information security and third party risk management.

Hate security reviews?
Want FREE AirPods?*

Offer valid for any decision-maker/influencer in relation to your company’s third-party risk management strategy. Company size must exceed 100 employees. Exclusions apply. Limit 1 pair per company.