Recommended NIST References – Review List
• SP 800-12 Rev. 1 — An Introduction to Information Security
• SP 800-18 Guide for Developing Security Plans for Federal Information Systems
• SP 800-30 Guide for Conducting Risk Assessments
• SP 800-37 Rev. 2 — Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy
• SP 800-39 Managing Information Security Risk: Organization, Mission, and Information System View
• SP 800-53 Rev. 5 — Security and Privacy Controls for Information Systems and Organizations
• SP 800-53A Rev. 5 — Assessing Security and Privacy Controls in Information Systems and Organizations
• SP 800-53B — Control Baselines for Information Systems and Organizations
• SP 800-60 Vol. 1 Guide for Mapping Types of Information and Information Systems to Security Categories
• SP 800-60 Vol. 2 Guide for Mapping Types of Information and Information Systems to Security Categories: Appendices
• FIPS 199 Standards for Security Categorization of Federal Information and Information Systems
• FIPS 200 Minimum Security Requirements for Federal Information and Information Systems