800-53B
NIST SP 800-53B
- 800-53B "provides a set of baseline security... and privacy controls for information systems and organizations."[1]
- Helps organizations choose an appropriate baseline of security and privacy controls for their system's impact level.
- Defines control impact levels for the three components of the CIA Triad (confidentiality, integrity, and availability) using the "high water mark" standard, where the highest-rated component defines the impact level of the entire system.
  - Low-impact systems have low impact across the triad
  - Moderate-impact systems have at least one component that is rated as moderate, and nothing that is rated high
  - High-impact systems have at least one component that is rated as high
Resources
Official
SP 800-53B, Control Baselines for Information Systems and Organizations | CSRC