National Institute of Standards and Technology (NIST)


The National Institute of Standards and Technology (NIST) 800-53 security controls are generally applicable to US Federal Information Systems. Federal Information Systems typically must go through a formal assessment and authorization process to ensure sufficient protection of confidentiality, integrity, and availability of information and information systems.

The NIST Cybersecurity Framework (CSF) is supported by governments and industries worldwide as a recommended baseline for use by any organization, regardless of its sector or size. According to Gartner, in 2015 the CSF was used by approximately 30 percent of US organizations and usage is projected to reach 50 percent by 2020. Since Fiscal Year 2016, federal agency Federal Information Security Modernization Act (FISMA) metrics have been organized around the CSF, and agencies are now required to implement the CSF under the Cybersecurity Executive Order.

Have Questions? Connect with an AWS Business Representative
Exploring compliance roles?
Apply today »
Want AWS Compliance updates?
Follow us on Twitter »