Mapping & Analysis: NIST Cybersecurity Framework to Risk Management Framework 800-53A Assessment Objectives

NIST has provided a cross walk from the Cybersecurity Framework (CSF) to the Risk Management Framework (RMF) 800-53 security controls. The bar chart below displays these blended data sets and maps the CSF to the 800-53A assessment objectives. Here is some summary count info by CSF Function:

  1. Identify (ID) = 983 assessment objectives
  2. Protect (PR) = 1187 assessment objectives
  3. Detect (DE) = 833 assessment objectives
  4. Respond (RS) = 267 assessment objectives
  5. Recover (RC) = 72 assessment objectives
Link to the corresponding table chart - here.