NIST 800-53 outlines mandatory controls to protect federal information for federal agencies and companies who partner with them. NIST, the National Institute of Standards and Technology, a non-regulatory agency of the U.S. Commerce Department, developed NIST 800-53 to help federal contractors and agencies meet the requirements of the Federal Information Security Management Act. This act means that any time you interact with federal stores, processes, or information, your information system must adhere to specific standards.
NIST 800-53 controls are organized into 18 families and are broken out into low-impact, moderate-impact, and high-impact categories. This breakdown allows you to assess and deploy the most relevant risk framework and includes mobile and cloud computing, insider threats, application security, and supply chain security.
This framework can be accessed in the Risk Cloud Controls Repository, where you can download and implement the framework directly into your relevant Applications.