NIST 800 53 20 families

AC Access Control

Controls who can see or change data.

AT awareness and training

Educate users on security best practices.

AU Audit and Accountability

Track and log user activities to ensure compliance.

CA Assessment, Authorization, and Monitoring

Evaluate, approve, and monitor security controls.

CM Configuration

Manage and maintain system settings and security baselines.

CP Configuration Management

Manage and control system configurations.

IA Identification and Authentication

Verify user identities before granting access.

IR Incident Response

Detect, respond to, and recover from security incidents.

MA Maintenance

Ensure systems are regularly updated and repaired.

MP Media Protection

Safeguard data storage devices from unauthorized access.

PE Physical and Environmental Protection

Protect facilities, equipment, and people from physical and environmental threats.

PL Planning

Develop strategies to ensure security goals are met.

PM Program Management

Oversee and coordinate security programs.

PS Personnel Security

Ensure employees are trustworthy and trained.

PT PII Processing and Transparency

Handle personal data responsibly and transparently.

RA Risk Assessment

Identify and evaluate security risks.

SA System and Services Acquisition

Ensure secure purchasing and contracting of IT systems.

SC System and Communications Protection

SC System and Communications Protection

SI System and Information Integrity

Protect systems and data from corruption and ensure accuracy.

SR Supply Chain Risk Management

Manage and mitigate risks in the supply chain.