Axon NIST 800-53 Axon Compliance Bundle
National Institute of Standards & Technology (NIST) Special Publication 800-53
Disclaimer: Organizations are not required as a matter of law to comply with this document, unless legislation, or a direction given under legislation or by some other lawful authority, compels them to comply. This document does not override any obligations imposed by legislation or law. Furthermore, if this document conflicts with legislation or law, the latter takes precedence.
NIST Special Publication 800-53 (SP 800-53) provides security and privacy controls for information systems and organizations to protect organizational operations and assets, individuals, other organizations, and the Nation from a diverse set of threats and risks, including hostile attacks, human errors, natural disasters, structural failures, foreign intelligence entities, and privacy risks. The controls are flexible and customizable and implemented as part of an organization-wide process to manage risk.
The structure of the framework is broken down into 20 control families, each family contains controls that are specific to that topic and the implementation of those specific controls is based on the organizations particular risks.
NIST 800-53 Control Families | |
|---|---|
Identifier | Control Family |
AC | Access Control |
AT | Awareness and Training |
AU | Audit and Accountability |
CA | Assessment, Authorization, and Monitoring |
CM | Configuration Management |
CP | Contingency Planning |
IA | Identification and Authentication |
IR | Incident Response |
MA | Maintenance |
MP | Media Protection |
PE | Physical and Environmental Protection |
PL | Planning |
PM | Program Management |
ps | Personnel Security |
PT | Pll Processing and Transparency |
RA | Risk Assessment |
SA | System and Services Acquisition |
SC | System and Communications Protection |
Sl | System and Information Integrity |
SR | Supply Chain Risk Management |
LogRhythm’s NIST 800-53 content provides augmented and direct support for multiple NIST controls through a collection of pre-bundled searches, lists, dashboards, and reports. All Dashboards are supplied with data from the underlying searches. You can then schedule reports from the searches for periodic generation and delivery, or generate them on demand. To identify areas of non-compliance in real-time, you can leverage the dashboard for immediate analysis of activities that impact your organization's cardholder data systems.
Please refer to our User Guide for detailed information and implementation guidance on the included searches, lists, and dashboards.
NIST content can be obtained from the compliance folder within the Axon Content GitHub repository.
Additional Resources
NIST provides an abundance of resources for their special publications (NIST 800-53) to assist organizations with their implementations and assessments:
Document Library
SP 800-53 Rev. 5 - Available in multiple formats including PDF and Excel
SP 800-53A - This document contains the assessment guidance for all controls in 800-53. This is how the controls will be evaluated and is critical to understanding the requirements to evidence control effectiveness.
SP 800-53B - This document contains the baseline information and tailoring guidance for all controls in 800-53.
Additional documents that include control mappings to other popular frameworks and analysis of changes from Rev. 4.
Use of NIST’s resource library is highly encouraged in use alongside the supplemental LogRhythm supporting documentation. Refer to NIST 800-53 for information about these and other resources.