Laws and Executive Orders
FEDERAL INFORMATION PROCESSING STANDARDS (FIPS) PUBLICATIONS
NIST SPECIAL PUBLICATIONS (SP)
SP 800-12 (An Introduction to Information Security), June 2017
SP 800-18 (Security Plans), Feb 2006
SP 800-30 (Risk Assessment), September 2012
SP 800-34 (Contingency Planning), May 2010
SP 800-37 Rev 2 (Risk Management Framework), December 2018
SP 800-39 (Organizational Risk Management), March 2011
SP 800-53 Rev. 4 (Security and Privacy Controls for Federal Information Systems and Organizations), January 2014
SP 800-53A Rev 4 (Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans), December 2014
SP 800-55 Rev 1 (Performance Measurement Guide for Information Security), July 2008
SP 800-59 (National Security Systems), August 2003
SP 800-60 Rev. 1 (Security Categorization), Volume 1, August 2008
SP 800-60 Rev. 1 (Security Categorization), Volume 2, August 2008
SP 800-61 Rev. 2(Incident Response Planning), August 2012
SP 800-137 (Assessing Information Security Continuous Monitoring (ISCM)Programs: Developing an ISCM Program Assessment), September 2011
SP 800-137A (Assessing Information Security Continuous Monitoring (ISCM) Programs: Developing an ISCM Program Assessment), May 2020
IR 7298 (Glossary of Key Information Security Terms)
SP 800-18 (Security Plans), Feb 2006
SP 800-30 (Risk Assessment), September 2012
SP 800-34 (Contingency Planning), May 2010
SP 800-37 Rev 2 (Risk Management Framework), December 2018
SP 800-39 (Organizational Risk Management), March 2011
SP 800-53 Rev. 4 (Security and Privacy Controls for Federal Information Systems and Organizations), January 2014
SP 800-53A Rev 4 (Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans), December 2014
SP 800-55 Rev 1 (Performance Measurement Guide for Information Security), July 2008
SP 800-59 (National Security Systems), August 2003
SP 800-60 Rev. 1 (Security Categorization), Volume 1, August 2008
SP 800-60 Rev. 1 (Security Categorization), Volume 2, August 2008
SP 800-61 Rev. 2(Incident Response Planning), August 2012
SP 800-137 (Assessing Information Security Continuous Monitoring (ISCM)Programs: Developing an ISCM Program Assessment), September 2011
SP 800-137A (Assessing Information Security Continuous Monitoring (ISCM) Programs: Developing an ISCM Program Assessment), May 2020
IR 7298 (Glossary of Key Information Security Terms)
COMMITTEE ON NATIONAL SECURITY SYSTEMS (CNSS) PUBLICATIONS
CNSSP 22 (Risk Management Policy for NSS)
CNSSI_1253 (Security Categorization and Control Selection for National Security Systems)
CNSSI 1254 (Risk Management Framework Documentation Data Element Standards and Reciprocity Process for NSS)
CNSSI 4009 (Committee on National Security Systems (CNSS) Glossary)
Classified Information Overlay
Privacy Overlays
CNSSI_1253 (Security Categorization and Control Selection for National Security Systems)
CNSSI 1254 (Risk Management Framework Documentation Data Element Standards and Reciprocity Process for NSS)
CNSSI 4009 (Committee on National Security Systems (CNSS) Glossary)
Classified Information Overlay
Privacy Overlays
DEPARTMENT OF DEFENSE INSTRUCTIONS (DODI)
INTELLIGENCE COMMUNITY (IC) PUBLICATIONS
DISA CLOUD COMPUTING SUPPLEMENTAL GUIDANCE AND INFORMATION
DISA Cloud Computing Security Requirements Guide v1r3 | Online Version
Best Practices Guide for DoD Cloud Mission Owners
Cloud Connection Process Guide v2
Cloud Related Baselines and eMASS Cloud Overlays Ver. 1, Rel 1
DoD Cloud Cyberspace Protection Guide
DoD Cyber Activities Performed for Cloud Service Memo
Secure Cloud Computing Architecture (SCCA) Functional Requirements (FR) v2-9
Best Practices Guide for DoD Cloud Mission Owners
Cloud Connection Process Guide v2
Cloud Related Baselines and eMASS Cloud Overlays Ver. 1, Rel 1
DoD Cloud Cyberspace Protection Guide
DoD Cyber Activities Performed for Cloud Service Memo
Secure Cloud Computing Architecture (SCCA) Functional Requirements (FR) v2-9
DEFENSE COUNTERINTELLIGENCE AND SECURITY AGENCY (DCSA) PUBLICATIONS