NIST-53
Compliance standard for information security.
Total Requirements
28
defined requirements
Mapped Controls
0
control mappings
Overall Compliance
0%
0/0 controls compliant
Related Risks
0
0 critical · 0 high
Requirements Coverage
AC-2
Account Management
Not mapped
Account management: creation, modification, monitoring, disabling, and removal
No controls mapped to this requirement
AC-2(2)
Automated Temporary/Emergency Account Management
Not mapped
Automated management of temporary and emergency accounts
No controls mapped to this requirement
AC-2(3)
Disable Accounts
Not mapped
Automatic disabling of inactive accounts
No controls mapped to this requirement
AC-2(4)
Automated Audit Actions
Not mapped
Automated audit actions for account management
No controls mapped to this requirement
AC-2(7)
Privileged User Accounts
Not mapped
Management of privileged user accounts
No controls mapped to this requirement
AC-3
Access Enforcement
Not mapped
Enforcement of approved authorizations for access to resources
No controls mapped to this requirement
AC-5
Separation of Duties
Not mapped
Separation of duties to prevent conflicts
No controls mapped to this requirement
AC-6
Least Privilege
Not mapped
Principle of least privilege
No controls mapped to this requirement
AU-2
Event Logging
Not mapped
Identification of events for logging
No controls mapped to this requirement
AU-3
Content of Audit Records
Not mapped
Content of audit records
No controls mapped to this requirement
AU-6
Audit Record Review
Not mapped
Review and analysis of audit records
No controls mapped to this requirement
CM-2
Baseline Configuration
Not mapped
Baseline configuration for systems
No controls mapped to this requirement
CM-8
System Component Inventory
Not mapped
Inventory of system components
No controls mapped to this requirement
IA-2
Identification and Authentication
Not mapped
Identification and authentication of organizational users
No controls mapped to this requirement
IA-5
Authenticator Management
Not mapped
Management of authenticators (passwords, tokens, certificates)
No controls mapped to this requirement
PE-2
Physical Access Authorizations
Not mapped
Physical access authorizations
No controls mapped to this requirement
PE-18
Location of System Components
Not mapped
Location of system components
No controls mapped to this requirement
PL-2
System Security and Privacy Plans
Not mapped
System security and privacy plans
No controls mapped to this requirement
PM-1
Information Security Program Plan
Not mapped
Information security program plan
No controls mapped to this requirement
PM-4
Plan of Action and Milestones
Not mapped
Plan of action and milestones
No controls mapped to this requirement
PM-9
Risk Management Strategy
Not mapped
Risk management strategy
No controls mapped to this requirement
PM-11
Mission and Business Process Definition
Not mapped
Definition of mission and business processes
No controls mapped to this requirement
PS-3
Personnel Screening
Not mapped
Personnel screening
No controls mapped to this requirement
PS-4
Personnel Termination
Not mapped
Personnel termination
No controls mapped to this requirement
PS-7
External Personnel Security
Not mapped
Security of external personnel (third parties)
No controls mapped to this requirement
RA-3
Risk Assessment
Not mapped
Risk assessment
No controls mapped to this requirement
RA-5
Vulnerability Monitoring and Scanning
Not mapped
Vulnerability monitoring and scanning
No controls mapped to this requirement
SI-7
Software and Information Integrity
Not mapped
Software and information integrity
No controls mapped to this requirement
Educational Content
Standard Overview
Compliance standard for information security.
How Compliance is Calculated
Compliance is calculated based on the maturity level of each control mapped to this standard. Controls with maturity level 3 or above are considered compliant. The overall compliance percentage represents the ratio of compliant controls to total mapped controls.
- Compliant: Maturity level 3 or above
- Partial: Maturity level 1-2
- Non-compliant: Maturity level 0 (not implemented)
Best Practices for Implementation
- Conduct a gap analysis to identify areas needing improvement
- Prioritize controls based on risk assessment results
- Establish clear ownership and accountability for each control
- Implement continuous monitoring and regular reviews
- Document evidence of compliance for audit readiness
- Train staff on security awareness and standard requirements