
Security and Privacy Controls for Information Systems and Organizations Rev 5: Draft NIST Special Publication 800-53 Revision 5

NIST SP 800-53 Rev 5 FINAL including a BLANK Collaboration Index, released September 2020.
This is NOT the DRAFT version. Even though the title and sample have not been updated in the system, it was released in September 2020. We added the Collaboration Index at the end of the book and put a Table of Contents on the back.
This publication provides a catalog of security and privacy controls for information systems and organizations to protect organizational operations and assets, individuals, other organizations, and the Nation from a diverse set of threats and risks, including hostile attacks, human errors, natural disasters, structural failures, foreign intelligence entities, and privacy risks. The controls are flexible and customizable and implemented as part of an organization-wide process to manage risk. The controls address diverse requirements derived from mission and business needs, laws, executive orders, directives, regulations, policies, standards, and guidelines. Finally, the consolidated control catalog addresses security and privacy from a functionality perspective (i.e., the strength of functions and mechanisms provided by the controls) and from an assurance perspective (i.e., the measure of confidence in the security or privacy capability provided by the controls). Addressing functionality and assurance helps to ensure that information technology products and the systems that rely on those products are sufficiently trustworthy.

Why buy a book you can download for free?

First you gotta find a good clean (legible) copy and make sure it’s the latest version (not always easy). Some documents found on the web are missing some pages or the image quality is so poor, they are difficult to read. We look over each document carefully and replace poor quality images by going back to the original source document. We proof each document to make sure it’s all there – including all changes. If you find a good copy, you could print it using a network printer you share with 100 other people (typically it’s either out of paper or toner). If it’s just a 10-page document, no problem, but if it’s 250 pages, you will need to punch 3 holes in all those pages and put it in a 3-ring binder. Takes at least an hour.

It’s much more cost-effective to just order the latest version from Amazon.com.

This book is published by 4th Watch Books and includes copyright material. We publish compact, tightly-bound, full-size books (8 ½ by 11 inches), with glossy covers. 4th Watch Books is a Service Disabled Veteran-Owned Small Business (SDVOSB). If you appreciate the service we provide, please leave a positive review on Amazon.com.

For more titles published, please visit www.usgovpub.com

NIST SP 800-53A R 4 Assessing Security and Privacy Controls

NIST SP 800-18 R 1 Developing Security Plans for Federal Information Systems

Whitepaper NIST Framework for Improving Critical Infrastructure Cybersecurity

NISTIR 8170 The Cybersecurity Framework

NIST SP 800-171A Assessing Security Requirements for Controlled Unclassified Information

NIST SP 800-171 R1 Protecting Controlled Unclassified Information in Nonfederal Systems

NISTIR 8089 An Industrial Control System Cybersecurity Performance Testbed

Cybersecurity Standards Compendium

NIST SP 800-12 An Introduction to Information Security

FIPS PUB 200 Minimum Security Requirements for Federal Information and Information Systems

519 pages, Paperback

Published August 15, 2017

3 people want to read


Community Reviews

5 stars: 0 (0%)
4 stars: 1 (50%)
3 stars: 1 (50%)
2 stars: 0 (0%)
1 star: 0 (0%)
Displaying 1 of 1 review
Elwin Kline
Author, 1 book, 11 followers
September 7, 2020
Professional development for work.

I actually enjoyed this for the most part and it wasn't too bad. Going through all the controls and their enhancements was very informative and educational for my career field.

A quick and easy way to absorb this content for folks in a hurry would be to just check the revision 5 changes (assuming you are familiar with rev 4) and even better than that would be just to look at Appendix D.

If you are in the cyber security field, even if you hate Risk Management Framework (RMF), it probably is advantageous to your career to at least be generally familiar (Appendix D) with this publication.