Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Managing the Security of Information Exchanges: NIST Publishes SP 800-47, Rev. 1

NIST has published SP 800-47 Revision 1, "Managing the Security of Information Exchanges."

Organizations have mission and business-based needs to exchange or share information with one or more internal or external organizations via various information exchange channels. In order to protect the confidentiality, integrity, and availability of the information commensurate with risk, the information being exchanged requires protection at the same or similar levels as it moves from one organization to another. 

NIST Special Publication (SP) 800-47 Revision 1, Managing the Security of Information Exchanges, provides guidance on identifying information exchanges; considerations for protecting exchanged information before, during, and after the exchange commensurate with risk; and sample templates of the agreements needed to manage the protection of the exchanged information. Rather than focus on any particular type of technology-based connection or information access, this publication has been updated to define the scope of information exchange, describe the benefits of securely managing information exchange, identify types of information exchanges, discuss potential security risks associated with information exchange, and detail a four phase methodology to securely manage information exchange between systems and organizations. This document also recommends steps for each phase of the methodology with an emphasis on the security measures necessary to protect the shared data.

For any questions, please contact sec-cert [at] nist.gov.

Released July 20, 2021