Navigating through NIST’s extensive documentation can be exhausting. Publications like NIST SP 800-53, 53a, and 53b are invaluable, but their sheer volume—spanning thousands of pages—can be overwhelming.
But, what if I were to tell you that there is a more convenient way to browse them.
The Cybersecurity and Privacy Reference Tool (CPRT) by NIST offers a new way to access and leverage these resources. This article provides a step-by-step guide to using the CPRT, when browsing controls of NIST SP 800-53.
Step 1: Access CPRT
You can find the Cybersecurity and Privacy Reference Tool here: CPRT
To browse publications, click on “Utilize” as highlighted below.
Step 2: Select Publication
The second step in using the CPRT is to choose the specific NIST publication you want to explore. For instance, if you’re interested in NIST SP 800-53, which provides a comprehensive set of security and privacy controls for federal information systems and organizations, you would select this publication from the list.
Step 3: Select Control Family
The next step to get to the controls is to choose a control family. NIST SP 800-53 is organized into 20 control families, each focusing on different aspects of security and privacy. Let’s pick the first control family.
Step 4: Select Control
Once you have chosen a control family, you can then select a specific control within that family. This view provides an overview of each control, including its associated baseline as defined in NIST SP 800-53b. Let’s select control AC-11 Device Lock.
Step 5: Examine Control
The final step involves opening the control to access detailed information, including the control statement, control enhancements, and associated assessment procedures.
