FISMA & NIST RMF

Josef Kamara, CPA, CISSP, CISA · Updated May 6, 2026 · 1 minute read

NIST SP 800-53 Revision 5

NIST Special Publication 800-53 Revision 5, the catalog of 1,007 security and privacy controls organized into 20 families that federal information systems use to satisfy FISMA. Revision 5 was published September 2020 and integrated privacy controls into the security catalog for the first time, added a Supply Chain Risk Management family, and reframed many controls in outcome-based language. It is the technical baseline for FedRAMP, FISMA, and most agency Risk Management Framework implementations.

The Authority Brief

One compliance analysis per week from Josef Kamara, CPA, CISSP, CISA. Federal and private compliance, written for practitioners.