Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cybersecurity Framework: NIST Publishes NISTIR 8204 on Completing the Online Informative References Template

NIST publishes NIST Internal Report (NISTIR) 8204, "Cybersecurity Framework Online Informative References (OLIR) Submissions: Specification for Completing the OLIR Template."

NIST has published NIST Internal Report (NISTIR) 8204, Cybersecurity Framework Online Informative References (OLIR) Submissions: Specification for Completing the OLIR Template

The Framework for Improving Critical Infrastructure Cybersecurity (Cybersecurity Framework) lists several related cybersecurity documents as Informative References. Informative References show relationships between the Cybersecurity Framework’s functions, categories, and subcategories and specific sections of standards, guidelines, and best practices. Informative References are often more detailed than the functions, categories, and subcategories and illustrate ways to achieve those outcomes. Finally, Informative References suggest how to use a given cybersecurity document in coordination with the Framework for the purposes of cybersecurity risk management.

NISTIR 8204 is intended to ease the process of creating new Informative References associated with NIST's Cybersecurity Framework.  This document provides guidance to potential Informative Reference Authors on how to fill out the OLIR Template and submit it to NIST for review.

NIST is continuing to identify potential candidates that are willing to participate in the Online Informative Reference (OLIR) Program.  The envisioned development and public feedback process can be reviewed at

Released April 26, 2019, Updated May 22, 2019