Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Security Controls for Information Systems: Revised Guidelines Issued by NIST



Shirley M. Radack


This bulletin summarizes the information provided in NIST SP 800-53, concerning the guidance developed for federal agencies in selecting and specifying security controls for their information systems. The bulletin discusses the contents of SP 800-53 and its supplemental publications, and explains how to gain access to the guidance. Topics covered in the bulletin include: how security controls should be selected and used as part of a well-defined and documented information security program; the requirements of the Federal Information Security Management Act (FISMA) and the standards and guidelines developed by NIST under the FISMA; the risk management approach to selecting controls as part of an organization¿s information security program; the tailoring guidance introduced in the guide to give federal agencies flexibility in responding to known threats and in taking action on agency-identified risks. References are provided to NIST publications that support the risk management process and the selection, implementation, and assessment of security controls.
ITL Bulletin -


Federal Information Security Management Act, FIPS, information security, information systems, minimum security requirements, risk management, security controls


Radack, S. (2007), Security Controls for Information Systems: Revised Guidelines Issued by NIST, ITL Bulletin, National Institute of Standards and Technology, Gaithersburg, MD, [online], (Accessed May 23, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created January 31, 2007, Updated January 27, 2020