ComplianceForge Support

The ComplianceForge support team writes these blog articles, based on our experience.

Chevron Deference and Cybersecurity Compliance

ComplianceForge Support January 19th, 2024 6 minute read

CMMC | Compliance | Governance, Risk & Compliance (GRC)

Cybersecurity Controls Shape Continuous Monitoring

ComplianceForge Support January 16th, 2024 4 minute read

CMMC: Document, Implement & Assess

ComplianceForge Support January 9th, 2024 6 minute read

Secure Controls Framework (SCF)

NIST 800-171 & CMMC Terms Guide

ComplianceForge Support August 9th, 2023 1 minute read

CMMC | Compliance

NIST SP 800-53 vs FedRAMP vs SP 800-171: A Clear Guide

ComplianceForge Support June 20th, 2023 2 minute read

Strategy vs Operations vs Tactics

ComplianceForge Support June 15th, 2023 14 minute read

Policy vs Standard vs Control vs Procedure

ComplianceForge Support June 15th, 2023 14 minute read

Statutory vs Regulatory vs Contractual

ComplianceForge Support June 14th, 2023 5 minute read

Threat vs Vulnerability vs Risk

ComplianceForge Support June 14th, 2023 2 minute read

⇠ Previous Next ⇢

NIST SP 800‑53 R5 Control Families

This release includes a total of 1,189 controls, organized into 20 families:

Access Control
Awareness & Training
Audit & Accountability
Assessment, Authorization & Monitoring
Configuration Management
Contingency Planning
Identification & Authentication
Incident Response
Maintenance
Media Protection
Physical & Environmental Protection
Planning
Program Management
Personnel Security
Personally Identifiable Information (PII) Processing & Transparency
Risk Assessment
System & Services Acquisition
System & Communications Protection
System & Information Integrity
Supply Chain Risk Management

This count includes deprecated controls that have been removed or folded into others. Some controls are not categorized under baselines—low, moderate, high, or privacy—per NIST SP 800‑53B.

ComplianceForge provides full 1:1 mapping of all 20 families and their controls in its CDPP documentation.

ComplianceForge Support

Chevron Deference and Cybersecurity Compliance

Cybersecurity Controls Shape Continuous Monitoring

CMMC: Document, Implement & Assess

NIST 800-171 & CMMC Terms Guide

NIST SP 800-53 vs FedRAMP vs SP 800-171: A Clear Guide

Strategy vs Operations vs Tactics

Policy vs Standard vs Control vs Procedure

Statutory vs Regulatory vs Contractual

Threat vs Vulnerability vs Risk

NIST SP 800‑53 R5 Control Families

Is A GRC Tool A Security Protection Asset (SPA)?

Cybersecurity Materiality & Key Controls

NIST 800-171 R2 to R3 Transition Guide

Apply PPTDF For Cybersecurity Compliance

NIST SP 800‑53 R5 Control Families