Ron Ross, a National Institute of Standards and Technology fellow, said the agency integrated more privacy controls for Revision 5 of Special Publication 800-53 focused on cybersecurity and supply chain matters, Fifth Domain reported Wednesday.
Ross, who leads the Federal Information Security Modernization Act Implementation Project at NIST, told the publication that the Office of Management and Budget’s delayed review of SP 800-53 has also pushed back the relase date of related guidelines.
“That document, as long as it’s being held up for its final public draft, that’s kind of put a hold on six other publications,” he said. “We’ve got things in the queue.”
According to Ross, the fifth revision covers security controls spanning program management, privacy and supply chain security. He added that he anticipates the final draft of NIST’s 800-160 Vol. 2, which covers cyber resiliency in system development, to be released on Sept. 5.
Ross’ comments come after NIST delayed its release of SP 800-171 Revision 2, which is used by Department of Defense contractors as cybersecurity guidelines for handling unclassified information.