Hello, Guest!

NIST Releases Guide for Multilevel Security Control Baselines

1 min read

The National Institute of Standards and Technology (NIST) has created a guide to help agencies ensure compliance with risk management requirements for processing personally identifiable information.

NIST said Thursday the “quick-start” guide is called “Control Baselines for Information Systems and Organizations" and is meant to complement the agency’s Special Publication 800-53 Revision 5 that covers privacy and security controls.

The new guide includes baselines to help agencies address risks in the low, moderate and high levels, according to NIST.

“Many external programs and organizations depend on the NIST recommendations to help protect cloud, health care, financial, transportation, manufacturing, defense and industrial control systems,” said Ron Ross, a fellow at NIST and co-author of the guide. “It’s our goal to get all of them the right kind of protection.”