Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Charting the Course for NIST OSCAL: NIST CSWP 53 is Available for Public Comment
The initial public draft of NIST Cybersecurity White Paper (CSWP) 53, Charting the Course for NIST OSCAL, is available for public comment. The public comment period is open through January 13, 2026.
The initial public draft of NIST Cybersecurity White Paper (CSWP) 53, Charting the Course for NIST OSCAL, is available for public comment. This paper introduces the Open Security Controls Assessment Language (OSCAL) — an open-source, machine-readable language that standardizes security documentation for better monitoring and risk management.
OSCAL was developed to modernize manual, paper-based cybersecurity compliance through automated, scalable processes and continuous assessments. This draft describes OSCAL’s layered architecture, its growing global adoption, and its future integration with emerging technologies (e.g., digital twins, agentic AI) for autonomous risk reasoning and continuous assurance.
The public comment period is open through January 13, 2026. See the publication details for a copy of the draft and instructions for submitting comments.